Vulnerabilities > CVE-2021-42631 - Deserialization of Untrusted Data vulnerability in Printerlogic Virtual Appliance and web Stack
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 | |
OS | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
References
- https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
- https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
- https://www.printerlogic.com/security-bulletin/
- https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
- https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
- https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
- http://printerlogic.com