Full title: Webmin 1.984 File Manager Remote Code Execution Exploit 
Category: remote exploits
Platform: linux
In Webmin version 1.984, any authenticated low privilege user without access rights to the File Manager module could interact with file manager functionalities such as downloading files from remote URLs and changing file permissions. It is possible to achieve remote code execution via a crafted .cgi file by chaining those functionalities in the file manager.

# 0day.today @ http://0day.today/