CVE-2025-2774
AI description
CVE-2025-2774 refers to a vulnerability found in Webmin, a web-based system administration tool commonly used for Unix-like servers. This vulnerability is a CRLF Injection Privilege Escalation vulnerability. The vulnerability stems from Webmin's handling of CGI requests, specifically the "lack of proper neutralization of CRLF sequences". By injecting Carriage Return and Line Feed characters into specific requests, an attacker can manipulate the server's response. Successful exploitation could allow an attacker to escalate privileges and execute arbitrary code with root privileges, gaining significant control over the affected system. Another CVE with a similar number, CVE-2024-2774, is a SQL injection vulnerability found in Campcodes Online Marriage Registration System. Also, CVE-2025-27743 refers to an untrusted search path in System Center that allows an authorized attacker to elevate privileges locally.
- Description
- -
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
28
Webminにおける深刻な権限昇格の脆弱性CVE-2025-2774について。CGIリクエストの取扱いにおけるCRLFインジェクションの脆弱性で、Webminへのログインが可能な攻撃者がroot権限での任意コード実行を行うこと可能。バ
@__kokumoto
5 May 2025
335 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation https://t.co/r4UHQZsQgA "The vulnerability, identified as CVE-2025-2774, is a CRLF Injection Privilege Escalation Vulnerability with a CVSS score of 8.8, indicating its high severity"
@catnap707
5 May 2025
127 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Webmin Privilege Escalation Vulnerability 📅 Timeline: Disclosure: 2025-05-04, Patch: 2025-05-04 🆔cveId: CVE-2025-2774 📊baseScore: 8.8 📏cvssMetrics: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity: High 🟠 📈 EPSS Percentil
@syedaquib77
4 May 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2774 : Webmin Vulnerability Allows Root-Level Privilege Escalation https://t.co/VD9cnVPYHK
@freedomhack101
4 May 2025
47 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
Vulnerabilidad en Webmin CVE-2025-2774 CRLF Injection Privilege Escalation https://t.co/hm15BEL2uG https://t.co/7LOPVT0zk8
@elhackernet
4 May 2025
3494 Impressions
8 Retweets
38 Likes
8 Bookmarks
0 Replies
0 Quotes
CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation https://t.co/dfIf4PSNpZ
@the_yellow_fall
4 May 2025
267 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Webminにリモートの攻撃者が特定のリクエストを通じてroot権限を取得し、任意のコードを実行できる可能性(CVE-2025-2774)。CRLFインジェクションによる特権昇格の問題に起因している。 https://t.co/lZOqMw7Qst
@yousukezan
4 May 2025
1448 Impressions
1 Retweet
15 Likes
3 Bookmarks
1 Reply
0 Quotes
CVE-2025-2774: Webmin Vulnerability Allows Root-Level Privilege Escalation https://t.co/yPmvLmfH1d
@Dinosn
4 May 2025
8106 Impressions
45 Retweets
155 Likes
59 Bookmarks
0 Replies
0 Quotes