Tenable6780.PRMWebmin <= 1.580 Multiple Input-Validation Vulnerabilities (deprecated)
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
99.9%
The remote host is running a Webmin HTTP server.
Versions earlier than or equal to 1.580 are vulnerable to the following vulnerabilities :
-
A command execution vulnerability affects the ‘edit_mon.cgi’ , ‘saved_mon.cgi’ and ‘/file/show.cgi’ scripts. (CVE-2012-2981, CVE-2012-2982)
-
A directory traversal vulnerability affects the ‘file’ parameter of the ‘edit_html.cgi’ script. (CVE-2012-2983)
Binary data 6780.prmRelated
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
99.9%