RSS   Vulnerabilities for 'Print management'   RSS

2019-05-08
 
CVE-2019-9505

CWE-20
 

 
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges.

 
 
CVE-2018-5409

CWE-346
 

 
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.

 
 
CVE-2018-5408

CWE-295
 

 
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host.

 

 >>> Vendor: Printerlogic 2 Products
Print management
Web stack


Copyright 2024, cxsecurity.com

 

Back to Top