First published: Tue Oct 25 2022(Updated: )
Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Webmin Usermin | <=1.850 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-35132 is a vulnerability in Usermin through version 1.850 that allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
CVE-2022-35132 has a severity score of 8.8, which is classified as high.
Usermin versions up to and including 1.850 are affected by CVE-2022-35132.
To fix CVE-2022-35132, users should update Usermin to a version higher than 1.850.
More information about CVE-2022-35132 can be found at the following references: [link1], [link2].