Webmin-RCE-PoC-CVE-2019-15107 is a Python-based scanner that detects vulnerable Webmin (1.890 - 1.920) servers affected by CVE-2019-15107, an unauthenticated remote code execution (RCE) vulnerability in the /password_change.cgi endpoint.# Webmin CVE-2019-15107 Vulnerability Scanner
A multi-threaded Python scanner to detect Webmin servers vulnerable to CVE-2019-15107 (authenticated RCE vulnerability in Webmin versions 1.890 through 1.920).
## Description
This tool scans a list of Webmin servers (provided in CSV format) and checks for the CVE-2019-15107 vulnerability, which allows remote code execution through the password_change.cgi endpoint. The scanner is multi-threaded for efficient scanning of large networks and provides color-coded output for easy result interpretation.
## Features
- Multi-threaded scanning for fast results
- CSV input file support (HOST:IP:PORT format)
- Color-coded terminal output (green/red/yellow for vulnerable/non-vulnerable/errors)
- Real-time scanning statistics
- Automatic saving of vulnerable hosts to `vulnerable_hosts.txt`
- Detailed scan summary report
## Vulnerability Details
**CVE-2019-15107**: An authenticated remote code execution vulnerability in Webmin versions 1.890 through 1.920. The vulnerability exists in the password_change.cgi endpoint, which allows command injection via the `expired` parameter.
## Installation
1. Clone this repository:
```bash
git clone https://github.com/mattb709/CVE-2019-15107-Scanner.git
cd CVE-2019-15107-Scanner
```
2. Install the required dependencies:
```bash
pip install requests colorama
```
## Usage
1. Prepare a CSV file (`targets.csv`) with your target hosts in the following format:
```
HOST,IP,PORT
server1,192.168.1.1,10000
server2,10.0.0.2,10000
```
(If PORT is empty, default port 10000 will be used)
2. Run the scanner:
```bash
python CVE-2019-15107-Scanner.py targets.csv
```
3. For faster scanning with multiple threads (e.g., 10 threads):
```bash
python CVE-2019-15107-Scanner.py targets.csv --threads 10
```
## Output Example
```
[*] Starting Webmin CVE-2019-15107 Scanner
[*] Loading targets from: targets.csv
[*] Using 5 threads
[+] VULNERABLE: 192.168.1.1:10000
Command output: uid=0(root) gid=0(root) groups=0(root)
[-] Not vulnerable: 10.0.0.2:10000
[!] Error: 10.0.0.3:10000 - Connection timeout
=== SCAN SUMMARY ===
Vulnerable hosts: 1
Non-vulnerable hosts: 1
Errors: 1
Total hosts scanned: 3
Vulnerable hosts saved to 'vulnerable_hosts.txt'
```
## Output Files
- `vulnerable_hosts.txt`: Contains all identified vulnerable hosts in IP:PORT format
## Disclaimer
This tool is intended for authorized security testing and research purposes only. The author is not responsible for any misuse or damage caused by this program. Always obtain proper authorization before scanning any systems.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## References
- [CVE-2019-15107](https://nvd.nist.gov/vuln/detail/CVE-2019-15107)
- [Webmin Security Advisory](https://www.webmin.com/security.html)
登录后查看神龙缓存的 POC 文件快照
登录查看