CVE-2021-31762: CSRF
First published: Sun Apr 25 2021(Updated: )
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Webmin | =1.973 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-31762 vulnerability?
CVE-2021-31762 is a Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 that allows attackers to create a privileged user and gain unauthorized access.
How severe is CVE-2021-31762?
The severity of CVE-2021-31762 is rated as high, with a CVSS score of 8.8.
What software versions are affected by CVE-2021-31762?
Webmin 1.973 is affected by CVE-2021-31762.
How can an attacker exploit CVE-2021-31762?
An attacker can exploit CVE-2021-31762 by performing a Cross-Site Request Forgery (CSRF) attack to create a privileged user through Webmin's add users feature and gain a reverse shell access through Webmin's running process feature.
Are there any fixes or patches available for CVE-2021-31762?
At the time of writing, there is no official patch or fix available for CVE-2021-31762. It is recommended to update to a newer version of Webmin once a patch is released.
- collector/nvd-index
- vendor/webmin
- canonical/webmin webmin
- version/webmin webmin/1.973