CVE-2025-67738 PUBLISHED

Assigner: mitre
Reserved: 11.12.2025 Published: 11.12.2025 Updated: 18.12.2025

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions (the "cms" security option).

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 8.5

Attack Vector	Network	Scope	Changed
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Webmin
Product	Webmin
Versions	Default: unaffected affected from 0 to 2.600 (excl.)

References

https://github.com/webmin/webmin/commit/1a52bf4d72f9da6d79250c66e51f41c6f5b880ee
https://github.com/webmin/webmin/compare/2.520...2.600
https://webmin.com/security/#privilige-escalation-using-squid-module-cve-2025-67738

Problem Types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE