VYPR
Unrated severityNVD Advisory· Published Dec 21, 2020· Updated Aug 4, 2024

CVE-2020-35606

CVE-2020-35606

Description

Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Webmin/Webmindescription
  • Webmin/Webminllm-fuzzy
    Range: <=1.962

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.