Unauthorized File Access Vulnerability in Webmin by Cloud Computing Solutions
CVE-2012-2983

Currently unrated

Key Information:

Vendor

Gentoo

Status
Webmin
Vendor
CVE Published:
11 September 2012

What is CVE-2012-2983?

The vulnerability in Webmin arises from the file/edit_html.cgi component, where the lack of an authorization check allows remote attackers to access unedited contents of any file. This oversight can lead to unauthorized disclosure of sensitive information. Users of Webmin 1.590 and earlier are particularly at risk, as they could be exploited by providing a manipulated file path, enabling attackers to gain access to critical system files or user data.

References

http://www.americaninfosec.com/research/dossiers/AISG-12-...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/788478
third-party-advisoryx_refsource_CERT-VN
http://www.securitytracker.com/id?1027507
vdb-entryx_refsource_SECTRACK

EPSS Score

54% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.