2 writeups tagged with Webmin
Webmin 1.991 on Ubuntu. CVE-2019-15107 arbitrary command execution via the password reset endpoint for instant root access.
Multiple valid paths: Elastix LFI to leak credentials, Webmin RCE, or Asterisk extension abuse. Great enumeration practice.
