Skip to main content
CVE-2021-31761 CRITICAL POC THREAT Act Now

Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webmin
NVD GitHub Exploit-DB
CVSS 3.1
9.6
EPSS
33.6%
CVE-2021-31762 HIGH POC This Week

Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Webmin
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
8.8%
CVE-2021-31760 HIGH POC This Week

Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Webmin
NVD GitHub
CVSS 3.1
8.8
EPSS
8.5%
CVE-2021-31726 CRITICAL Act Now

Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection C315 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-30502 CRITICAL PATCH Act Now

The unofficial vscode-ghc-simple (aka Simple Glasgow Haskell Compiler) extension before 0.2.3 for Visual Studio Code allows remote code execution via a crafted workspace configuration with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Simple Glasgow Haskell Compiler
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-31718 HIGH This Week

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Npupnp
NVD
CVSS 3.1
8.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy