PT-2020-17415 · Webmin · Webmin

Published: 2020-12-29 · Updated: 2022-07-17 · CVE-2020-35769

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Webmin version 1.962

Description

The miniserv.pl component in Webmin mishandles special characters in query arguments to the CGI program. The flaw can be exploited by sending queries to the miniserv.pl CGI endpoint, potentially allowing malicious actions.

Recommendations

For Webmin version 1.962, consider disabling the miniserv.pl CGI program until a patch is available. Restrict access to the miniserv.pl component to minimize the risk of exploitation. Avoid using special characters in query arguments to the affected CGI program until the issue is resolved.

Fix


Related Identifiers

CVE-2020-35769

Affected Products

Webmin