CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
Percentile
72.8%
Webmin is a web-based system management tool. Webmin for Windows contains a vulnerability that allows an unauthorized Webmin user to execute OS commands by entering a specially crafted URL.
An attacker could execute arbitrary OS commands with Local System privileges on a computer where Webmin is installed.
Update the Software
Webmin 1.370, in which the vulnerability is fixed, has been released by the Webmin project.
Webmin 1.360 for Windows and earlier