PT-2025-18077 · Usermin · Usermin

Published: 2025-04-28 · Updated: 2025-05-14 · CVE-2015-2079

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Usermin versions 0.980 through 1.x before 1.660

Description

The issue allows remote code execution in uconfig_save.cgi due to the use of the two-argument form of Perl open(). This affects Usermin, potentially allowing unauthorized access and code execution.

Recommendations

For versions 0.980 through 1.x before 1.660, consider disabling the uconfig_save.cgi script until a patch is available to prevent remote code execution. Restrict access to the sig_file_free function to minimize the risk of exploitation. Avoid using the vulnerable open() function in Perl scripts until the issue is resolved.
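
The difference between the two-argument and three-argument forms of open() that the Description and Recommendations refer to, shown with a harmless mode character. This is an added example, not Usermin code or part of the original advisory; the file name, `$user_value`, `seed_file`, `size_of` and `open_for_read` are constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: constructed names and values, not Usermin code.
use strict;
use warnings;
use Cwd qw(getcwd);
use File::Temp qw(tempdir);

my $start = getcwd();
my $dir   = tempdir(CLEANUP => 1);
chdir $dir or die "chdir: $!";

# Create (or recreate) the file that the code below only intends to read.
sub seed_file {
    open(my $out, '>', 'signature.txt') or die "create: $!";
    print {$out} "original contents\n";
    close $out or die "close: $!";
}

# Size in bytes, 0 for an empty or missing file.
sub size_of { return (-s $_[0]) || 0 }

# Constructed stand-in for a request parameter holding a file name.
my $user_value = '>signature.txt';

# Weak: two-argument open() takes the mode from the string itself, so a
# leading '>' turns the intended read into a truncating write. A leading or
# trailing '|' is parsed the same way, as a command pipe.
seed_file();
if (open(my $fh, $user_value)) { close $fh }
printf "2-arg open: signature.txt is %d bytes\n", size_of('signature.txt');

# Hardened: allow-list the name, then use three-argument open() so the mode
# is fixed by the code and the name is only ever treated as a path.
sub open_for_read {
    my ($name) = @_;
    return unless defined $name && $name =~ /\A[A-Za-z0-9_-][A-Za-z0-9._-]*\z/;
    open(my $fh, '<', $name) or return;
    return $fh;
}

seed_file();
for my $candidate ($user_value, 'signature.txt') {
    my $fh = open_for_read($candidate);
    printf "3-arg open of %-16s %s; file is %d bytes\n", "'$candidate'",
        ($fh ? 'opened' : 'refused'), size_of('signature.txt');
    close $fh if $fh;
}
chdir $start;   # leave the temp directory so cleanup can remove it
```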

Exploit

Fix

RCE

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2015-2079

Affected Products

Usermin