CVE-2015-2079

CRITICAL

9.9

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile9.25th

Published2025年4月28日

Last Modified2025年5月14日

Vulnerability Description

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form of Perl open.

Affected Platforms (CPE)

📦

Webmin

Usermin

>= 0.980 and < 1.660

References & Advisories

🔗 https://code-white.com/blog/2015-05-cve-2015-2079-rce-usermin/

🔗 https://code-white.com/public-vulnerability-list/

相關漏洞威脅

CVE-2005-117710.0

Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuratio...

CVE-2003-010110.0

miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and...

CVE-2002-07577.5

(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentica...

CVE-2002-07567.5

Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to ...