My server was configured with CSF restricting the access to webmin for my own specified ip range. Also, TCP Wrappers were configured with both “perl” and “miniserv.pl” to allow only these specified ip. Also, Webmin was configured to allow root access only to my specified ip’s inside the webmin configuration. Perl libraries for TCP Wrappers were installed. All these protections were tested before but become useless.
edited: I have submit this post as a ticket support, I think it’s a better place.