CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Webmin: >> Webmin >> 1.962 Security Vulnerabilities

CVE-2020-35769

miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program.

CVSS Score

9.8

EPSS Score

0.004

Published

2020-12-29

CVE-2020-35606

Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.

CVSS Score

8.8

EPSS Score

0.716

Published

2020-12-21

Page 2

Vulnerabilities

Vulnerable Software

Webmin: >> Webmin >> 1.962 Security Vulnerabilities

Products

Pricing

Contact Us