CVE-2025-61541

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-61541

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61541.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-61541

Published

2025-10-16T15:15:34.713Z

Modified

2026-04-10T05:32:36.694768Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H CVSS Calculator

Summary

[none]

Details

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality (forgotsend.cgi). The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl(). An attacker can manipulate the Host header to inject a malicious domain into the reset email. If a victim follows the poisoned link, the attacker can intercept the reset token and gain full control of the target account.

References

Affected packages

Git / github.com/webmin/webmin

Affected ranges

Type

GIT

Repo

https://github.com/webmin/webmin

Events

Introduced

Last affected

f7058f10b4e98753b3797bc68dc0929a9c03ca22

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.510"
        }
    ]
}

Affected versions

1.*

1.700

1.710

1.720

1.730

1.740

1.750

1.760

1.770

1.780

1.790

1.800

1.801

1.810

1.820

1.830

1.831

1.840

1.850

1.860

1.870

1.880

1.890

1.900

1.910

1.920

1.930

1.940

1.941

1.950

1.951

1.953

1.954

1.955

1.960

1.962

1.970

1.972

1.973

1.974

1.980

1.982

1.983

1.984

1.990

1.991

1.993

1.994

1.995

1.996

1.998

1.999

2.*

2.000

2.001

2.003

2.010

2.011

2.012

2.013

2.020

2.021

2.100

2.103

2.104

2.105

2.110

2.111

2.200

2.201

2.202

2.301

2.302

2.400

2.401

2.402

2.501

2.510

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-61541.json"