Error Message Discrepancy Allows Enumeration of Valid User Accounts
CVE-2024-44762

Currently unrated

Key Information:

Vendor

Webmin

Vendor
CVE Published:
16 October 2024

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 11%

What is CVE-2024-44762?

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-44762-webmin-userenum
Created by arbaaz29

References

https://senscybersecurity.nl/cve-2024-44762-explained/

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

JSON
.