Awesome
<p align="center"> A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997. <br> <img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE"> <a href="https://twitter.com/intent/follow?screen_name=podalirius_" title="Follow"><img src="https://img.shields.io/twitter/follow/podalirius_?label=Podalirius&style=social"></a> <a href="https://www.youtube.com/c/Podalirius_?sub_confirmation=1" title="Subscribe"><img alt="YouTube Channel Subscribers" src="https://img.shields.io/youtube/channel/subscribers/UCF_x5O7CSfr82AfNVTKOv_A?style=social"></a> <br> </p>Features
- Supports HTTP and HTTPS (even with self-signed certificates with
--insecure
). - Single command execution with
--command
option. - Interactive console with
--interactive
option.
Usage
$ ./CVE-2022-36446.py -h
CVE-2022-36446 - Webmin < 1.997 - Software Package Updates RCE (Authenticated) v1.1 - by @podalirius_
usage: CVE-2022-36446.py [-h] -t TARGET [-k] -u USERNAME -p PASSWORD (-I | -C COMMAND) [-v]
CVE-2022-36446 - Webmin < 1.997 - Software Package Updates RCE (Authenticated)
optional arguments:
-h, --help show this help message and exit
-t TARGET, --target TARGET
URL to the webmin instance
-k, --insecure
-u USERNAME, --username USERNAME
Username to connect to the webmin.
-p PASSWORD, --password PASSWORD
Password to connect to the webmin.
-I, --interactive Interactive console mode.
-C COMMAND, --command COMMAND
Only execute the specified command.
-v, --verbose Verbose mode. (default: False)
Mitigation
Update to Webmin >= 1.997.
Demonstration
Contributing
Pull requests are welcome. Feel free to open an issue if you want to add other features.