Vulnerabilities > CVE-2021-42631 - Deserialization of Untrusted Data vulnerability in Printerlogic Virtual Appliance and web Stack
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 | |
| OS | 1 | |
| OS | 1 |
Common Weakness Enumeration (CWE)
References
- https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
- https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
- https://www.printerlogic.com/security-bulletin/
- https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
- https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
- https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
- http://printerlogic.com