Cross-Site Request Forgery Vulnerabilities in Webmin Product by Webmin
CVE-2012-4893

Currently unrated

Key Information:

Vendor: Gentoo
Status: Webmin
Vendor: CVE Published:; 11 September 2012

What is CVE-2012-4893?

Multiple cross-site request forgery (CSRF) vulnerabilities exist in the file/show.cgi component of Webmin versions 1.590 and earlier. These vulnerabilities can be exploited by remote attackers to manipulate authentication sessions of privileged users. The attackers can issue unauthorized requests that read files or execute commands such as tar, zip, or gzip, potentially compromising sensitive server configurations and data. This highlights the importance of securing web applications against CSRF vulnerabilities to protect user privileges and system integrity.

References

http://www.americaninfosec.com/research/dossiers/AISG-12-...

x_refsource_MISC

http://www.kb.cert.org/vuls/id/788478

third-party-advisoryx_refsource_CERT-VN

http://americaninfosec.com/research/index.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 11, 2012

Gentoo

What is CVE-2012-4893?

References

Timeline