module
Webmin File Disclosure
| Disclosed | Created |
|---|---|
| 2006-06-30 | 2018-05-30 |
Disclosed
2006-06-30
Created
2018-05-30
Description
A vulnerability has been reported in Webmin and Usermin, which can be
exploited by malicious people to disclose potentially sensitive information.
The vulnerability is caused due to an unspecified error within the handling
of an URL. This can be exploited to read the contents of any files on the
server via a specially crafted URL, without requiring a valid login.
The vulnerability has been reported in Webmin (versions prior to 1.290) and
Usermin (versions prior to 1.220).
exploited by malicious people to disclose potentially sensitive information.
The vulnerability is caused due to an unspecified error within the handling
of an URL. This can be exploited to read the contents of any files on the
server via a specially crafted URL, without requiring a valid login.
The vulnerability has been reported in Webmin (versions prior to 1.290) and
Usermin (versions prior to 1.220).
Author
Matteo Cantoni goony@nothink.org
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.