Webmin Security Vulnerabilities (CVEs)
Track 14 security vulnerabilities affecting Webmin products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Webmin 2.510 has a Host Header Injection vulnerability in the password reset functionality that allows attackers to manipulate password reset emails. ...
Oct 16, 2025This vulnerability allows remote attackers to execute arbitrary code on Usermin servers by exploiting improper input validation in the uconfig_save.cg...
Apr 28, 2025This vulnerability allows authenticated remote attackers to execute arbitrary commands as root on vulnerable Webmin installations. Attackers can injec...
Dec 30, 2024This vulnerability in Webmin Usermin v2.100 allows attackers to distinguish between valid and invalid user accounts through differences in error messa...
Oct 16, 2024This vulnerability allows attackers to create a network traffic loop via spoofed UDP packets on port 10000, causing denial of service. It affects Webm...
Sep 4, 2024This vulnerability in Webmin's ajaxterm module allows unauthorized users to hijack console sessions when insufficient permissions are improperly handl...
Jul 10, 2024This is a cross-site scripting (XSS) vulnerability in Webmin and Usermin's session_login.cgi that allows attackers to inject malicious scripts. When e...
Jul 10, 2024CVE-2022-36446 is a command injection vulnerability in Webmin's apt-lib.pl module that allows remote attackers to execute arbitrary commands on affect...
Jul 25, 2022This Cross-Site Scripting (XSS) vulnerability in Webmin 1.973 allows attackers to inject malicious scripts via the Scheduled Cron Jobs feature. When e...
Apr 11, 2022This CSRF vulnerability in Webmin 1.973 allows attackers to trick authenticated administrators into performing unauthorized file uploads or downloads ...
Apr 11, 2022This CSRF vulnerability in Webmin's File Manager allows attackers to trick authenticated administrators into performing unauthorized file operations. ...
Apr 11, 2022This vulnerability in Webmin allows attackers to bypass access controls and execute arbitrary code remotely on affected systems. It affects Webmin ins...
Mar 2, 2022CVE-2021-31761 is a reflected cross-site scripting (XSS) vulnerability in Webmin 1.973 that can be exploited to achieve remote command execution throu...
Apr 25, 2021CVE-2020-35769 is a critical vulnerability in Webmin's miniserv.pl CGI handler on Windows that allows remote code execution through improper handling ...
Dec 29, 2020Why Monitor Webmin Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 14+ known vulnerabilities affecting Webmin products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Webmin packages in under 60 seconds. No agents required - completely agentless scanning that works across Webmin deployments.
Free vulnerability database: Access detailed information about every Webmin CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Webmin CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
