ZDI-24-1725 - Webmin Webmin

December 20, 2024

Low

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.9. The following CVEs are assigned: CVE-2024-12828.

Affected software

Webmin Webmin

Reference links

https://github.com/webmin/authentic-theme/commit/61e5b10227b50407e3c6ac494ffbd4385d1b59df
http://www.zerodayinitiative.com/advisories/ZDI-24-1725/

ZDI-24-1725 - Webmin Webmin

Affected software

Reference links

Get alerted to vulnerabilities in your software