// For flags

CVE-2006-4246

 

Severity Score

9.1
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.

Usermin anterior a 1.220 (20060629) permite a atacantes remotos leer ficheros de su elección, posiblemente relacionado con que chfn/save.cgi no está manejando adecuadamente un parámetro shell vacío, lo cual provoca un cambio al shell de root en vez de al shell del usuario especificado.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-08-21 CVE Reserved
  • 2006-09-19 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
<= 1.210
Search vendor "Usermin" for product "Usermin" and version " <= 1.210"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.4
Search vendor "Usermin" for product "Usermin" and version "0.4"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.5
Search vendor "Usermin" for product "Usermin" and version "0.5"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.6
Search vendor "Usermin" for product "Usermin" and version "0.6"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.7
Search vendor "Usermin" for product "Usermin" and version "0.7"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.8
Search vendor "Usermin" for product "Usermin" and version "0.8"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.9
Search vendor "Usermin" for product "Usermin" and version "0.9"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.91
Search vendor "Usermin" for product "Usermin" and version "0.91"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.92
Search vendor "Usermin" for product "Usermin" and version "0.92"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.93
Search vendor "Usermin" for product "Usermin" and version "0.93"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.94
Search vendor "Usermin" for product "Usermin" and version "0.94"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.95
Search vendor "Usermin" for product "Usermin" and version "0.95"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.96
Search vendor "Usermin" for product "Usermin" and version "0.96"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.97
Search vendor "Usermin" for product "Usermin" and version "0.97"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.98
Search vendor "Usermin" for product "Usermin" and version "0.98"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
0.99
Search vendor "Usermin" for product "Usermin" and version "0.99"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.000
Search vendor "Usermin" for product "Usermin" and version "1.000"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.010
Search vendor "Usermin" for product "Usermin" and version "1.010"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.020
Search vendor "Usermin" for product "Usermin" and version "1.020"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.030
Search vendor "Usermin" for product "Usermin" and version "1.030"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.040
Search vendor "Usermin" for product "Usermin" and version "1.040"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.051
Search vendor "Usermin" for product "Usermin" and version "1.051"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.060
Search vendor "Usermin" for product "Usermin" and version "1.060"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.070
Search vendor "Usermin" for product "Usermin" and version "1.070"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.080
Search vendor "Usermin" for product "Usermin" and version "1.080"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.090
Search vendor "Usermin" for product "Usermin" and version "1.090"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.100
Search vendor "Usermin" for product "Usermin" and version "1.100"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.110
Search vendor "Usermin" for product "Usermin" and version "1.110"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.120
Search vendor "Usermin" for product "Usermin" and version "1.120"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.130
Search vendor "Usermin" for product "Usermin" and version "1.130"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.140
Search vendor "Usermin" for product "Usermin" and version "1.140"
-
Affected
Usermin
Search vendor "Usermin"
Usermin
Search vendor "Usermin" for product "Usermin"
1.150
Search vendor "Usermin" for product "Usermin" and version "1.150"
-
Affected