CVE-2024-36451
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36451
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36451.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36451
- Published
- 2024-07-10T07:15:03.040Z
- Modified
- 2025-11-15T20:59:43.688871Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted.
- References
Affected packages
Git / github.com/webmin/webmin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/webmin/webmin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.700
1.710
1.720
1.730
1.740
1.750
1.760
1.770
1.780
1.790
1.800
1.801
1.810
1.820
1.830
1.831
1.840
1.850
1.860
1.870
1.880
1.890
1.900
1.910
1.920
1.930
1.940
1.941
1.950
1.951
1.953
1.954
1.955
1.960
1.962
1.970
1.972
1.973
1.974
1.979
1.980
1.982
1.983
1.984
1.990
1.991
1.993
1.994
1.995
1.996
1.997
1.998
1.999
2.*
2.000
2.001