Impact
Webmin allows an unauthenticated attacker to read the contents of any file ending in .conf within module directories. The flaw is caused by a bypassable regular‑expression pattern that incorrectly validates filenames, enabling disclosure of configuration information. The weakness falls under CWE‑185 and CWE‑777, which are related to privileged information exposure and potential misuse of system resources.
Affected Systems
This vulnerability affects the Webmin web‑based system administration tool, specifically versions released before 2.64.1. Users running any older Webmin build are at risk if their module directories contain .conf files that should remain confidential.
Risk and Exploitability
The CVSS score of 6.9 indicates a moderate to high risk, and the EPSS score is not available. The vulnerability is not listed in the CISA KEV catalog. Because authentication is not required, an attacker can achieve the exploit simply by sending a request to the Webmin interface from an external network. The attack requires network reachability to the Webmin management port and the ability to construct a request that matches the vulnerable regex. Once exploited, the attacker gains read access to sensitive configuration files, potentially exposing passwords, socket settings, or other secrets.
OpenCVE Enrichment