← All tools

CVE-2022-36446-Webmin-Software-Package-Updates-RCE

https://podalirius.net/

Free

Categories

Exploitation

Description

A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.

Keywords

cve-2022-36446 exploit package rce software update webmin python

Example Usage

$ ./CVE-2022-36446.py -h
CVE-2022-36446 - Webmin < 1.997 - Software Package Updates RCE (Authenticated) v1.1 - by Remi GASCOU (Podalirius)

usage: CVE-2022-36446.py [-h] -t TARGET [-k] -u USERNAME -p PASSWORD (-I | -C COMMAND) [-v]

CVE-2022-36446 - Webmin < 1.997 - Software Package Updates RCE (Authenticated)

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        URL to the webmin instance
  -k, --insecure
  -u USERNAME, --username USERNAME
                        Username to connect to the webmin.
  -p PASSWORD, --password PASSWORD
                        Password to connect to the webmin.
  -I, --interactive     Interactive console mode.
  -C COMMAND, --command COMMAND
                        Only execute the specified command.
  -v, --verbose         Verbose mode. (default: False)