CVE-2015-2079 | Usermin up to 1.659 uconfig_save.cgi sig_file_free neutralization of directives

Inserito da Angelo Barbosa | Apr 28, 2025 | CVE

A vulnerability, which was classified as very critical, has been found in Usermin up to 1.659. Affected by this issue is the function sig_file_free of the file uconfig_save.cgi. The manipulation leads to improper neutralization of directives in statically saved code (‘static code injection’).

This vulnerability is handled as CVE-2015-2079. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2015-2079 | Usermin up to 1.659 uconfig_save.cgi sig_file_free neutralization of directives

Post correlati

CVE-2024-4507 | Ruijie RG-UAC up to 20240428 static_route_add_ipv6.php text_prefixlen/text_gateway/devname os command injection

CVE-2023-52120 | Basix NEX-Forms Plugin up to 8.5.2 on WordPress cross-site request forgery

CVE-2024-6197 | libcURL up to 8.6.0/8.7.0/8.7.1/8.8.0 ASN1 Parser utf8asn1str free of memory not on the heap

CVE-2025-39355 | FAT Services Booking Plugin up to 5.6 on WordPress sql injection