[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-2302":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":52,"name":53,"published":54,"updated":34},2302,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},2,"Nuclei",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":45,"epss_score":46,"epss_percentile":47,"cve":48,"in_cisa_catalog":50,"date":51,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"critical","The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.","Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.","Upgrade Webmin to version 1.997 or later to mitigate this vulnerability.",[40,41,42,43,44],"https://medium.com/@emirpolat/cve-2022-36446-webmin-1-997-7a9225af3165","https://www.exploit-db.com/exploits/50998","https://github.com/webmin/webmin/compare/1.996...1.997","https://nvd.nist.gov/vuln/detail/CVE-2022-36446","http://packetstormsecurity.com/files/167894/Webmin-1.996-Remote-Code-Execution.html",9.8,0.9293,0.99772,[49],"CVE-2022-36446",false,"2022-07-25T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2022-36446","Webmin \u003C1.997 - Authenticated Remote Code Execution","2023-07-04T00:00:00Z"]