Webmin 1.840 / 1.880 LFI

critical Nessus Plugin ID 146496

Synopsis

The remote web server is affected by a local file inclusion vulnerability.

Description

A local file inclusion vulnerability exists in Webmin 1.840 and 1.880 when the default Yes setting of 'Can view any file as a log file' is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data from the local system (using Local File Include) such as the '/etc/shadow' file via a 'GET /syslog/save_log.cgi?view=1&file=/etc/shadow' request.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Refer to vendor documentation.

See Also

http://www.webmin.com/changes.html

http://www.webmin.com/security.html

Plugin Details

Severity: Critical

ID: 146496

File Name: webmin_CVE-2018-8712.nasl

Version: 1.2

Type: remote

Family: CGI abuses

Published: 2/16/2021

Updated: 2/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2018-8712

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:webmin:webmin

Required KB Items: Settings/ParanoidReport, www/webmin

Exploit Ease: No known exploits are available

Patch Publication Date: 3/14/2018

Vulnerability Publication Date: 3/14/2018

Reference Information

CVE: CVE-2018-8712