Back to directory

WRITEUP #2450

CVE-2022–36446 — Webmin 1.996 — Remote Code Execution (RCE — Authenticated) During Install New Packages

RCEOS command injection

by@devilsgrins(Emir Polat)

Program

Webmin

Published

Jul 26, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

SSD Advisory – SonicWall SMA100 Stored XSS To RCE

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat