← back
CVE-2012-2982

CVE-2012-2982

EPSS 61.9%
Vexday Risk Score
52Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (42 stars) — exploitation code widely available.
CVSS EPSS 61.9%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
06 Sep 2012Metasploit module available
11 Sep 2012Published on NVD
10 Oct 2012Public PoC
Weaponization speed
28 daysto first PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.