Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-44762 PoC — Webmin Usermin 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-44762.yaml
Associated Vulnerability
Title:Webmin Usermin 安全漏洞 (CVE-2024-44762)
Description:Webmin Usermin是Webmin公司的一个基于 web 的界面。用于 webmail、密码更改、邮件过滤器、fetchmail 等等。 Webmin Usermin 2.100版本存在安全漏洞,该漏洞源于存在无效登录尝试的错误消息中的差异,允许攻击者枚举有效的用户帐户。
Description
Usermin version 2.100 and below is susceptible to username enumeration via the password change functionality. An attacker can determine valid usernames by analyzing the response messages from the password change endpoint.
File Snapshot

 id: CVE-2024-44762

info:
  name: Usermin 2.100 - Username Enumeration
  author: ritikchaddha
  seve

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.