CVE-2003-0101
published 2003-03-03

Priority: P350, critical, 10 (CVSS 2.0)
CVSS vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 15.47% (96.4th percentile)
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.

Affected

18 ranges
Vendor | Product | Version range | Fixed in
engardelinux | guardian_digital_webtool | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
usermin | usermin | |
webmin | webmin | |
webmin | webmin | |