Security Advisory

CVE-2025-67738

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 06:34:10

Last updated 2025-12-18 13:59:22

Assigner mitre

State PUBLISHED

Description

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmins Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions (the "cms" security option).

← Browse all CVEs View on cve.org ↗