In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-03 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
This article shows you how the analysis of Webmin's unauthenticated remote code execution vulnerability CVE-2019-15107 is, concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.
0x01 vulnerability details
Webmin is a Web-based system configuration tool for systems like Unix. The flaw lies in the password reset page, which allows unauthenticated users to execute arbitrary commands through a simple POST request. The vulnerability is due to a code execution vulnerability in the reset password function of the password_change.cgi file, which allows malicious third parties to execute malicious code without input verification. Later, Chuangyu 404 Lab found that the existence of the vulnerability is actually caused by certain versions of the installation package and source code on sourceforge being implanted into the backdoor.
0x02 affects version
Webmin
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.