{"vulnerability": "CVE-2019-1284", "sightings": [{"uuid": "03f345dd-c077-494b-8ad2-1df2471c6fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "exploited", "source": "https://www.exploit-db.com/exploits/46984", "content": "", "creation_timestamp": "2019-06-11T00:00:00.000000Z"}, {"uuid": "2406fb9f-611c-4889-9af7-8cfbce1eab46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "MISP/9e8f4e39-3831-432a-b196-8fed951d7f0c", "content": "", "creation_timestamp": "2024-11-14T06:07:39.000000Z"}, {"uuid": "0510e216-650a-424f-bd74-2285b9d77b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "6f08536f-fc4c-42a1-9eba-6f2c30d49dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/webmin_packageup_rce.rb", "content": "", "creation_timestamp": "2019-06-19T13:57:30.000000Z"}, {"uuid": "e18be482-4575-480a-b536-a53ae0069e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:12.000000Z"}, {"uuid": "bbdb1502-4972-44a2-9167-b1e335c899e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6500", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aEsto es una prueba de concepto propia i basica de la vulneravilidad CVE-2019-12840 la qual te da un RCE en root\nURL\uff1ahttps://github.com/Pol-Ruiz/PoC-CVE-2019-12840\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-01-25T23:08:46.000000Z"}, {"uuid": "03a32148-6b58-42b3-a06f-e12bada9af3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "https://t.me/cibsecurity/21140", "content": "\u203c CVE-2020-35606 \u203c\n\nArbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-21T22:52:17.000000Z"}, {"uuid": "e5ef0355-07ca-4d4a-9d71-db01912c4ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12840", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2350", "content": "#Threat_Research\n1. CVE-2020-35606 - Arbitrary Command Execution Vulnerability in Webmin\n// This vulnerability is bypassing the measure taken for CVE-2019-12840 and converting it into a new vector\nhttps://www.pentest.com.tr/exploits/Webmin-1962-PU-Escape-Bypass-Remote-Command-Execution.html\n2. SUNBURST, TEARDROP and the NetSec New Normal\nhttps://research.checkpoint.com/2020/sunburst-teardrop-and-the-netsec-new-normal\n3. CyRC analysis: Authentication bypass vulnerability in Java Bouncy Castle (PoC for CVE-2020-28052)\nhttps://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle", "creation_timestamp": "2020-12-31T18:30:13.000000Z"}]}