Sensitive Data: Webmin - Default Login¶

Identifier: webmin_default_login

Scanner(s) Support¶

Description¶

Webmin system administration interface may be accessible with default credentials, allowing unauthorized access to server management functions and potentially full system control.

How we test: We attempt to authenticate to the Webmin interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Reference:

• https://webmin.com/
• https://doxfer.webmin.com/Webmin/Installing_Webmin

Configuration¶

Example¶

Example configuration:

---
security_tests:
  webmin_default_login:
    skip: false

Reference¶

skip¶

Type : boolean

Skip the test if true.