Vulnerability CVE-2019-9505
Published: 2019-05-08

Description:
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Printerlogic -> Print management 

 References:
http://www.securityfocus.com/bid/108285
https://kb.cert.org/vuls/id/169249/
Copyright 2024, cxsecurity.com

 

Back to Top