Lucene search

K
cve[email protected]CVE-2014-9002
HistoryNov 20, 2014 - 1:55 p.m.

CVE-2014-9002

2014-11-2013:55:12
CWE-264
web.nvd.nist.gov
39
lantronix
xprintserver
remote code execution
cve-2014-9002
nvd

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.1%

Lantronix xPrintServer does not properly restrict access to ips/, which allows remote attackers to execute arbitrary commands via the c parameter in an rpc action.

Affected configurations

NVD
Node
lantronixxprintserverMatch-

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.031 Low

EPSS

Percentile

91.1%

Related for CVE-2014-9002