Vulnerability Description
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality (forgot_send.cgi). The reset link sent to users is constructed using the HTTP Host header via get_webmin_email_url(). An attacker can manipulate the Host header to inject a malicious domain into the reset email. If a victim follows the poisoned link, the attacker can intercept the reset token and gain full control of the target account.
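As an added illustration (not Webmin's code and not from the advisory), the pattern described above beside a hardened form and a log check; the hosts, the `/reset` path, the log format and all names are constructed assumptions.

```python
"""Constructed example of the bug class behind this CVE: a password-reset
link whose origin is taken from the request's Host header, next to a version
that uses an operator-configured canonical URL. Nothing here is Webmin code."""
from urllib.parse import urlsplit

# Hypothetical deployment values an operator configures explicitly.
CANONICAL_BASE_URL = "https://admin.example.com:10000"
ALLOWED_HOSTS = {"admin.example.com:10000", "admin.example.com"}


def vulnerable_reset_link(headers: dict, token: str) -> str:
    """Pattern in the advisory: the link's origin comes from whatever Host
    header the client sent, so an attacker-chosen Host lands in the e-mail.
    (The '/reset' path is a hypothetical stand-in.)"""
    return f"https://{headers.get('Host', '')}/reset?token={token}"


def host_is_trusted(headers: dict) -> bool:
    """True only if the request's Host is one this instance is known to serve."""
    return headers.get("Host", "") in ALLOWED_HOSTS


def hardened_reset_link(headers: dict, token: str) -> str:
    """Fix: never derive the origin from the request. Refuse to send when the
    Host is untrusted, and build the link from the configured canonical URL."""
    if not host_is_trusted(headers):
        raise ValueError(f"untrusted Host header: {headers.get('Host')!r}")
    return f"{CANONICAL_BASE_URL}/reset?token={token}"


def link_origin(url: str) -> str:
    """scheme://host[:port] of a URL, used to compare where a link points."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def suspicious_reset_requests(log_lines) -> list:
    """Detection: return the Host values of password-reset requests whose Host
    header is not an allowed value. Log format is constructed:
    'host=<Host> path=<request path>'."""
    flagged = []
    for line in log_lines:
        fields = dict(kv.split("=", 1) for kv in line.split())
        if fields.get("path") == "/forgot_send.cgi" and fields.get("host") not in ALLOWED_HOSTS:
            flagged.append(fields["host"])
    return flagged
```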
CVSS Score
7.1 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Webmin | Webmin | 2.510 |
Related Weaknesses (CWE)
References
- http://www.webmin.com/ (Release Notes)
- https://github.com/bugdotexe/Vulnerability-Research/tree/main/CVE-2025-61541 (Exploit, Third Party Advisory)
- https://github.com/webmin/webmin (Product)
FAQ
What is CVE-2025-61541?
CVE-2025-61541 is a vulnerability with a CVSS score of 7.1 (HIGH). Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality (forgot_send.cgi). The reset link sent to users is constructed using the HTTP Host header via get_webmin_email...
How severe is CVE-2025-61541?
CVE-2025-61541 has been rated HIGH with a CVSS base score of 7.1/10. See the CVSS Score section above for the severity rating.
Is there a patch for CVE-2025-61541?
Check the References section above for vendor advisories and patch information. The affected product is Webmin 2.510.