Vulnerabilities > CVE-2021-42637 - Server-Side Request Forgery (SSRF) vulnerability in Printerlogic web Stack 19.1.1.13
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Common Weakness Enumeration (CWE)
References
- https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
- https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
- https://www.printerlogic.com/security-bulletin/
- https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
- https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
- https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
- http://printerlogic.com