Webmin Unspecified Command Execution Vulnerability

BID:25773

Info

Webmin Unspecified Command Execution Vulnerability

Bugtraq ID: 25773
Class: Unknown
CVE: CVE-2007-5066
Remote: Yes
Local: No
Published: Sep 20 2007 12:00AM
Updated: May 07 2015 05:35PM
Credit: The vendor reported this issue.
Vulnerable: Webmin Webmin 1.290
Webmin Webmin 1.280
Webmin Webmin 1.270
Webmin Webmin 1.260
Webmin Webmin 1.250
Webmin Webmin 1.240
Webmin Webmin 1.230
Webmin Webmin 1.220
Webmin Webmin 1.210
Webmin Webmin 1.200
Webmin Webmin 1.190
Webmin Webmin 1.180
Webmin Webmin 1.170
Webmin Webmin 1.160
Webmin Webmin 1.150
Webmin Webmin 1.140
Webmin Webmin 1.130
Webmin Webmin 1.121
Webmin Webmin 1.110
Webmin Webmin 1.100
Webmin Webmin 1.0 90
Webmin Webmin 1.0 80
Webmin Webmin 1.0 70
+ HP Apache-Based Web Server 1.3.27 .01
 + HP Apache-Based Web Server 1.3.27 .01
 + HP Webmin-Based Admin 1.0.1 .01
 + HP Webmin-Based Admin 1.0.1 .01
 + Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
Webmin Webmin 1.0 60
Webmin Webmin 1.0 50
Webmin Webmin 1.0 20
Webmin Webmin 1.0 00
Webmin Webmin 1.350
Webmin Webmin 1.340
Webmin Webmin 1.330
Webmin Webmin 1.320
Webmin Webmin 1.296
Not Vulnerable: Webmin Webmin 1.370

Discussion

Webmin Unspecified Command Execution Vulnerability

Webmin is prone to a vulnerability that allows attackers to execute arbitrary commands.

An attacker may leverage this issue to run arbitrary commands on an affected computer with the privileges of the application. This can lead to privilege escalation or other attacks.

Versions prior to Webmin 1.370 are vulnerable to this issue.

Exploit / POC

Webmin Unspecified Command Execution Vulnerability

An attacker can exploit this vulnerability with a browser.

Solution / Fix

Webmin Unspecified Command Execution Vulnerability

Solution:
The vendor has released Webmin 1.370 to address this issue. Please see the references for more information.


Webmin Webmin 1.330

Webmin Webmin 1.296

Webmin Webmin 1.350

Webmin Webmin 1.340

Webmin Webmin 1.320

Webmin Webmin 1.0 00

Webmin Webmin 1.0 90

Webmin Webmin 1.0 50

Webmin Webmin 1.0 80

Webmin Webmin 1.0 70

Webmin Webmin 1.0 60

Webmin Webmin 1.0 20

Webmin Webmin 1.100

Webmin Webmin 1.110

Webmin Webmin 1.121

Webmin Webmin 1.130

Webmin Webmin 1.140

Webmin Webmin 1.150

Webmin Webmin 1.160

Webmin Webmin 1.170

Webmin Webmin 1.180

Webmin Webmin 1.190

Webmin Webmin 1.200

Webmin Webmin 1.210

Webmin Webmin 1.220

Webmin Webmin 1.230

Webmin Webmin 1.240

Webmin Webmin 1.250

Webmin Webmin 1.260

Webmin Webmin 1.270

Webmin Webmin 1.280

Webmin Webmin 1.290

References

Webmin Unspecified Command Execution Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report