The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPrinterlogic Print Management
APPPrinterlogic≤ 18.3.1.96
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEAuth Bypass
Powiązane podatności
CVE-2018-5409CRITICAL9.8ten sam produkt
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the c...
CVE-2018-5408HIGH7.4ten sam produkt
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or inco...
CVE-2025-27638CRITICAL9.8PL ✓ten sam vendor
Hardcoded Password w Vasion Print (PrinterLogic) — dostęp bez uwierzytelnienia
CVE-2025-27640CRITICAL9.8PL ✓ten sam vendor
SQL Injection w Vasion Print (PrinterLogic) — zdalne przejęcie kontroli
CVE-2025-27641CRITICAL9.8PL ✓ten sam vendor
Vasion Print / PrinterLogic — pominięcie uwierzytelnienia w API Single Sign-On