FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

webmin -- CGI Command Injection Remote Code Execution

Affected packages
webmin <= 2.105

Details

VuXML ID 805ad2e0-49da-11f0-87e8-bcaec55be5e5
Discovery 2024-12-30
Entry 2025-06-15

Webmin reports:

A less-privileged Webmin user can execute commands as root via a vulnerability in the shell autocomplete feature.

[source]

References

CVE Name CVE-2024-12828
URL https://nvd.nist.gov/vuln/detail/CVE-2024-12828
URL https://webmin.com/security/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.