PT-2024-6378 · Webmin+2 · Webmin+2
Anna Ascheman
+2
·
Published
2024-09-04
·
Updated
2024-09-18
·
CVE-2024-45692
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Webmin versions prior to 2.202
Virtualmin versions prior to 7.20.2
Description
The issue is related to a network traffic loop via spoofed UDP packets on port 10000, which can cause a denial of service. This problem is associated with an unreachable condition exit cycle. The vulnerability is being actively exploited and can allow a remote attacker to cause a denial of service.
Recommendations
For Webmin versions prior to 2.202, update to version 2.202 or later.
For Virtualmin versions prior to 7.20.2, update to version 7.20.2 or later.
Fix
Infinite Loop
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Os
Virtualmin
Webmin