CVE-2017-15645

Publication date

2017-10-19 22:00:00

Family

mitre

State

PUBLISHED

Description

CSRF exists in Webmin 1.850. By sending a GET request to at/create_job.cgi containing dir=/&cmd= in the URI, an attacker to execute arbitrary commands.