Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
18 vulnerabilities found for web_stack by printerlogic
CVE-2021-42642 (GCVE-0-2021-42642)
Vulnerability from nvd – Published: 2022-02-02 17:23 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:23:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42642",
"datePublished": "2022-02-02T17:23:01.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:50.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42641 (GCVE-0-2021-42641)
Vulnerability from nvd – Published: 2022-02-02 17:21 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:21:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42641",
"datePublished": "2022-02-02T17:21:27.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42640 (GCVE-0-2021-42640)
Vulnerability from nvd – Published: 2022-02-02 17:18 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:19:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42640",
"datePublished": "2022-02-02T17:18:46.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42639 (GCVE-0-2021-42639)
Vulnerability from nvd – Published: 2022-02-02 17:16 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:16:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42639",
"datePublished": "2022-02-02T17:16:40.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42637 (GCVE-0-2021-42637)
Vulnerability from nvd – Published: 2022-02-02 17:14 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:14:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42637",
"datePublished": "2022-02-02T17:14:36.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42633 (GCVE-0-2021-42633)
Vulnerability from nvd – Published: 2022-02-02 17:10 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:10:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42633",
"datePublished": "2022-02-02T17:10:08.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42638 (GCVE-0-2021-42638)
Vulnerability from nvd – Published: 2022-02-01 22:08 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-01T22:08:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42638",
"datePublished": "2022-02-01T22:08:54.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42635 (GCVE-0-2021-42635)
Vulnerability from nvd – Published: 2022-01-31 17:54 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T17:54:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42635",
"datePublished": "2022-01-31T17:54:50.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:50.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42631 (GCVE-0-2021-42631)
Vulnerability from nvd – Published: 2022-01-31 17:48 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T17:48:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42631",
"datePublished": "2022-01-31T17:48:05.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42642 (GCVE-0-2021-42642)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:23 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:23:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42642",
"datePublished": "2022-02-02T17:23:01.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:50.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42641 (GCVE-0-2021-42641)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:21 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:21:39.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42641",
"datePublished": "2022-02-02T17:21:27.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42640 (GCVE-0-2021-42640)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:18 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:19:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42640",
"datePublished": "2022-02-02T17:18:46.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42639 (GCVE-0-2021-42639)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:16 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:16:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42639",
"datePublished": "2022-02-02T17:16:40.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42637 (GCVE-0-2021-42637)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:14 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:14:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42637",
"datePublished": "2022-02-02T17:14:36.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42633 (GCVE-0-2021-42633)
Vulnerability from cvelistv5 – Published: 2022-02-02 17:10 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-02T17:10:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42633",
"datePublished": "2022-02-02T17:10:08.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42638 (GCVE-0-2021-42638)
Vulnerability from cvelistv5 – Published: 2022-02-01 22:08 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-01T22:08:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42638",
"datePublished": "2022-02-01T22:08:54.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42635 (GCVE-0-2021-42635)
Vulnerability from cvelistv5 – Published: 2022-01-31 17:54 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T17:54:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42635",
"datePublished": "2022-01-31T17:54:50.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:50.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42631 (GCVE-0-2021-42631)
Vulnerability from cvelistv5 – Published: 2022-01-31 17:48 – Updated: 2024-08-04 03:38
VLAI?
Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:49.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-31T17:48:05.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://printerlogic.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://printerlogic.com",
"refsource": "MISC",
"url": "http://printerlogic.com"
},
{
"name": "https://www.printerlogic.com/security-bulletin/",
"refsource": "CONFIRM",
"url": "https://www.printerlogic.com/security-bulletin/"
},
{
"name": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/",
"refsource": "MISC",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/"
},
{
"name": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite",
"refsource": "MISC",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"name": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"name": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints",
"refsource": "MISC",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"name": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite",
"refsource": "MISC",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42631",
"datePublished": "2022-01-31T17:48:05.000Z",
"dateReserved": "2021-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:49.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}