| |
Podatność CVE-2023-4957
Publikacja: 2023-10-11
Opis: |
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled. |
Typ:
CWE-288 (Authentication Bypass Using an Alternate Path or Channel)
Referencje: |
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/authentication-bypass-zebra-ztc
|
|
|
Copyright 2024, cxsecurity.com
|
|
|