CVE-2022-30708: CVE-2022-30708

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-30708

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Webmin 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Webmin是Webmin社区的一套基于Web的用于类Unix操作系统中的系统管理工具。 Webmin 1.991版本及之前版本存在安全漏洞，该漏洞源于settings-editor_write.cgi 没有正确限制文件参数，导致在手动创建用户（即，未在 Virtualmin 或 Cloudmin 中创建）时远程执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-30708

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-30708

Please Login to view more intelligence information

https://webmin.com/changes.htmlx_refsource_MISC
https://www.twitch.tv/videos/1483029790x_refsource_MISC
https://github.com/webmin/webmin/commit/6a2334bf8b27d55c7edf0b2825cd14f3f8a69d4dx_refsource_MISC
https://github.com/esp0xdeadbeef/rce_webmin/blob/main/exploit.pyx_refsource_MISC
https://github.com/webmin/webmin/issues/1635x_refsource_MISC
https://github.com/esp0xdeadbeef/rce_webminx_refsource_MISC
https://github.com/webmin/webmin/releasesx_refsource_MISC
https://github.com/webmin/authentic-theme/releasesx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-30708

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-30708

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-30708

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-30708

III. Intelligence Information for CVE-2022-30708

IV. Related Vulnerabilities

V. Comments for CVE-2022-30708

Leave a comment