CVE-2021-31762

Published April 25th, 2021

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.

webmin/webmin

Powerful and flexible web-based server management control panel

GitHub

5.94K