CyberSec.Space Logo
Back to CVE Browser

CVE-2015-2079

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile9.25th
PublishedApr 28, 2025
Last ModifiedMay 14, 2025

Vulnerability Description

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form of Perl open.

Affected Platforms (CPE)

📦
Webmin

Usermin

>= 0.980 and < 1.660

References & Advisories

🔗 https://code-white.com/blog/2015-05-cve-2015-2079-rce-usermin/
🔗 https://code-white.com/public-vulnerability-list/

Related Vulnerabilities

CVE-2005-117710.0

Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuratio...

CVE-2003-010110.0

miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and...

CVE-2002-07577.5

(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentica...

CVE-2002-07567.5

Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to ...