I have lines like this repeated a few times in miniserv.error on a few servers running webmin or a properly installed virtualmin
[11/Sep/2024:03:05:05 +0100] [202.182.122.237] /password_change.cgi : Perl execution failed : Password changing is not enabled! at /usr/share/webmin/password_change.cgi line 12.
has someone found a possible way into webmin by using this script ? I’m guessing 'password changing is not possible without the user logged in but the attempts are logged so someone believes there is a chance to change passwords this way
That is why the word potential is there meaning there is a possibility that some code is attempted to be manipulated. So what further details do want ?
If the word ‘potential’ is intended to be used the way you describe it to be then the correct caption for you to use would be ‘Potential hack attempt’ rather then the more alarming ‘Potential exploit’ that you have used as the topic of this thread.
Most probably a script kiddie still meta-sploiting old Webmin versions. There used to be a CVE which should be fixed meanwhile… As far as I know this was a supply chain attack where a backdoor was implemented in a default installation.