CVE-2022-0824: Foreign module may need a check · webmin/webmin@39ea464
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
@@ -5144,7 +5144,8 @@ sub init_config
}
if ($module_name && !$main::no_acl_check &&
!defined($ENV{’FOREIGN_MODULE_NAME’}) &&
(!defined($ENV{’FOREIGN_MODULE_NAME’}) ||
defined($ENV{’FOREIGN_MODULE_SEC_CHECK’})) &&
$main::webmin_script_type eq ‘web’) {
Check if the HTTP user can access this module
if (!&foreign_available($module_name)) {
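Review bot: The new `FOREIGN_MODULE_SEC_CHECK` condition makes the ACL check opt-in for foreign-module calls: a request that arrives with `FOREIGN_MODULE_NAME` set still skips `foreign_available($module_name)` unless the calling module has also set `FOREIGN_MODULE_SEC_CHECK`, so every foreign-require path that is not updated to set it keeps the pre-patch bypass. Consider inverting the default (check unless an explicit opt-out is present) or, failing that, document the variable where `FOREIGN_MODULE_NAME` is set and audit the callers that need it. Note also that `defined($ENV{'FOREIGN_MODULE_SEC_CHECK'})` treats an empty or `0` value as "enabled"; if that is intended, say so in the comment, otherwise test truthiness rather than definedness.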
Related news
In Webmin version 1.984, any authenticated low privilege user without access rights to the File Manager module could interact with file manager functionalities such as downloading files from remote URLs and changing file permissions. It is possible to achieve remote code execution via a crafted .cgi file by chaining those functionalities in the file manager.
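To make the access-control gap concrete, the following is an added illustration, not Webmin code, that models the `init_config` gate before and after this commit and runs it over a few constructed request scenarios. The function and case names are hypothetical, and `filemin` is assumed here to be the File Manager module name; the point it demonstrates is that the fix only consults `foreign_available()` for a foreign-module call when the caller opts in via `FOREIGN_MODULE_SEC_CHECK`, and that an opt-in value of `0` still counts because the real check uses `defined`.

```perl
#!/usr/bin/perl
# Added illustration (not Webmin's own code): models the ACL gate in
# init_config before and after commit 39ea464. All names are hypothetical.
use strict;
use warnings;

# Returns 1 if foreign_available() would be consulted for this request,
# 0 if the request bypasses the module ACL check.
# %args mimics the globals and %ENV entries the real condition reads.
sub acl_check_required {
    my ($patched, %args) = @_;
    my $env = $args{env} || {};
    return 0 unless $args{module_name};            # no module context
    return 0 if $args{no_acl_check};               # $main::no_acl_check
    return 0 unless ($args{script_type} // '') eq 'web';
    if ($patched) {
        # Post-fix: a foreign-module call is still checked when the caller
        # opted in via FOREIGN_MODULE_SEC_CHECK (defined, any value).
        return 0 unless !defined($env->{FOREIGN_MODULE_NAME})
                     || defined($env->{FOREIGN_MODULE_SEC_CHECK});
    } else {
        # Pre-fix: any foreign-module call skips the ACL check entirely.
        return 0 if defined($env->{FOREIGN_MODULE_NAME});
    }
    return 1;
}

# Constructed scenarios; 'filemin' is an assumed module name.
my @cases = (
    { label => 'direct web request to the module',
      env   => {} },
    { label => 'foreign call, caller did not opt in (the CVE path)',
      env   => { FOREIGN_MODULE_NAME => 'filemin' } },
    { label => 'foreign call, caller opted in',
      env   => { FOREIGN_MODULE_NAME => 'filemin',
                 FOREIGN_MODULE_SEC_CHECK => 1 } },
    { label => 'foreign call, opt-in set to 0 (still defined)',
      env   => { FOREIGN_MODULE_NAME => 'filemin',
                 FOREIGN_MODULE_SEC_CHECK => 0 } },
);

printf "%-52s %-8s %-8s\n", 'case', 'before', 'after';
for my $c (@cases) {
    my %req = (module_name  => 'filemin',
               no_acl_check => 0,
               script_type  => 'web',
               env          => $c->{env});
    printf "%-52s %-8s %-8s\n", $c->{label},
        acl_check_required(0, %req) ? 'checked' : 'skipped',
        acl_check_required(1, %req) ? 'checked' : 'skipped';
}
```

Run it with `perl` to see the table: the second row is the bypass described above, which the patch closes only once the foreign caller sets `FOREIGN_MODULE_SEC_CHECK`; the last row shows why setting the variable to `0` does not disable the check.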
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.