
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-30708 affects Webmin through version 1.991 when using the Authentic theme. The vulnerability allows remote code execution when a user has been manually created (not created in Virtualmin or Cloudmin). This security flaw was discovered and reported on May 14, 2022, and stems from the settings-editor_write.cgi script not properly restricting the file parameter (NVD, CVE).
The vulnerability has a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The flaw lies in the settings-editor_write.cgi script: the file parameter is not adequately restricted, so the script can be made to write to arbitrary files. That arbitrary write is what enables remote code execution when the request comes from a manually created user with access to the Authentic theme (NVD).
When successfully exploited, this vulnerability allows an attacker with a manually created user account to execute arbitrary code on the system with elevated privileges. This could potentially lead to complete system compromise, as the attacker can gain unauthorized access to sensitive data and perform privileged operations (NVD).
The vulnerability was addressed through a security patch. Users should upgrade their Webmin installation to a version newer than 1.991. The fix adds proper restrictions on the file parameter in the settings-editor_write.cgi script (Webmin Commit).
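The fix restricts the file parameter; as an added illustration of what that restriction looks like (this is example Python, not the Perl code from the Webmin commit, and the allowed root and allowlisted filenames are constructed placeholders), a write target must canonicalize to a path under the permitted directory and name a file the editor is meant to manage:

```python
import posixpath
from typing import Optional

# Constructed placeholder: the only directory the settings editor may write under.
# Not Webmin's real layout; substitute the directory your editor actually manages.
ALLOWED_ROOT = "/etc/webmin/authentic-theme"

# Constructed allowlist of basenames the editor is permitted to touch.
EDITABLE_FILES = {"settings.js", "settings.json"}


def resolve_target(file_param: str, allowed_root: str = ALLOWED_ROOT) -> Optional[str]:
    """Return the canonical path a write would land on, or None if the request
    must be rejected. The parameter is assumed already URL-decoded by the CGI layer."""
    # Reject empty values and embedded NULs, which can truncate paths at the OS level.
    if not file_param or "\0" in file_param:
        return None
    # Interpret the parameter relative to the allowed root even when it is absolute,
    # then resolve '.' and '..' segments lexically.
    joined = posixpath.join(allowed_root, file_param.lstrip("/"))
    canonical = posixpath.normpath(joined)
    root = posixpath.normpath(allowed_root)
    # Containment: the canonical path must be the root itself or strictly below it.
    if canonical != root and not canonical.startswith(root + "/"):
        return None
    # Even inside the root, only known settings files may be written.
    if posixpath.basename(canonical) not in EDITABLE_FILES:
        return None
    return canonical
```

The check is lexical only; on a live host follow it with a realpath-based check after opening the file so that a symlink inside the root cannot redirect the write elsewhere.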
The vulnerability was initially reported through GitHub issues, where it was promptly acknowledged and addressed by the Webmin development team. The discovery was made during a live streaming session, which garnered attention from the security research community (GitHub Issue).
Source: This report was generated using AI