Mitigation Instructions for CVE-2022-36446

SUBJECT: CVE-2022-36446 MiniServ 1.973 (Webmin 1.973) Vulnerability

TECH STACK: MiniServ 1.973 (Webmin 1.973)

DATE(S) ISSUED: 07/25/2022

CRITICALITY: HIGH

OVERVIEW:

CVE-2022-36446 is a critical vulnerability in MiniServ 1.973, which is a component of Webmin 1.973. This vulnerability allows an attacker to exploit an open port (39993) to gain unauthorized access and potentially execute arbitrary code. Exploiting this vulnerability can lead to a complete compromise of the affected system.

NIST Description: The vulnerability in MiniServ 1.973 of Webmin 1.973 allows attackers to exploit an open port (39993) to bypass authentication and gain unauthorized access. This issue can result in significant security breaches, including unauthorized data access and potential system takeover.

For more details, visit NVD.

THREAT INTELLIGENCE:

CISA has added CVE-2022-36446 to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation by threat actors. This vulnerability is a common attack vector for malicious cyber actors, posing a high risk to systems running the affected software.

For more information, visit CISA.

NIST NVD:

  • Base Score: 9.8

SOLUTION:

The patch for CVE-2022-36446 has been released and should be applied immediately to mitigate the risk. The update addresses the vulnerability in MiniServ 1.973 of Webmin 1.973.

Steps to Mitigate the Vulnerability:

  1. Download the latest version of Webmin from the Webmin website.
  2. Stop the Webmin service.
  3. Back up your Webmin configuration and data.
  4. Install the updated version of Webmin following the instructions provided in the Webmin documentation.
  5. Start the Webmin service.

Mitigation Measures:

  • Firewall Configuration: Ensure that port 39993 is not accessible from untrusted networks. Use firewall rules to restrict access to trusted IP addresses only.
  • Reverse Proxy: Implement a reverse proxy to block unauthorized access to the affected port and paths.
