Vulners
Lucene search
CVE-2020-35606
🗓️ 21 Dec 2020 19:19:17Reported by mitreType 
cve🔗 web.nvd.nist.gov📰️ 10 Media mentions👁 109 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | CVE-2020-35606 | 21 Dec 202022:52 | – | circl |
 | Webmin 操作系统操作系统命令注入漏洞 | 21 Dec 202000:00 | – | cnnvd |
 | Webmin Arbitrary Command Execution Vulnerability (CNVD-2021-07125) | 22 Dec 202000:00 | – | cnvd |
 | Webmin Command Injection (CVE-2020-35606; CVE-2022-36446) | 20 Jan 202100:00 | – | checkpoint_advisories |
 | CVE-2020-35606 | 21 Dec 202019:19 | – | cvelist |
 | CVE-2020-35606 | 21 Dec 202020:15 | – | nvd |
 | Webmin 1.962 Remote Command Execution | 22 Dec 202000:00 | – | packetstorm |
 | Command injection | 21 Dec 202020:15 | – | prion |
 | CVE-2020-35606 | 22 May 202517:10 | – | redhatcve |
 | Webmin < 1.970 Multiple Vulnerabilities | 16 Feb 202100:00 | – | nessus |
10
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| u | data | package-updates/update.cgi | Webmin 1.962 vulnerability allows arbitrary command execution via the update.cgi endpoint using a crafted payload in the 'u' parameter (with URL-encoded control characters like %0A and %0C and &&) to bypass fixes. | CWE-78 |
| redir | data | package-updates/update.cgi | Webmin 1.962 vulnerability allows arbitrary command execution via the update.cgi endpoint using a crafted payload in the 'u' parameter (with URL-encoded control characters like %0A and %0C and &&) to bypass fixes. | CWE-78 |
| redirdesc | data | package-updates/update.cgi | Webmin 1.962 vulnerability allows arbitrary command execution via the update.cgi endpoint using a crafted payload in the 'u' parameter (with URL-encoded control characters like %0A and %0C and &&) to bypass fixes. | CWE-78 |
| mode | data | package-updates/update.cgi | Webmin 1.962 vulnerability allows arbitrary command execution via the update.cgi endpoint using a crafted payload in the 'u' parameter (with URL-encoded control characters like %0A and %0C and &&) to bypass fixes. | CWE-78 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 03:14Current
9High risk
Vulners AI Score9
CVSS 3.18.8
CVSS 29
EPSS0.28048