Security Advisory

CVE-2022-30708

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-15 02:30:14

Last updated 2024-08-03 06:56:13

Assigner mitre

State PUBLISHED

Description

Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter.

← Browse all CVEs View on cve.org ↗