CVE-2021-42640

2022-02-0217:18:46

mitre

www.cve.org

printerlogic

web stack

cve-2021-42640

idor

vulnerability

unauthenticated attacker

reassign drivers

printer

AI Score

9.4

Confidence

High

EPSS

0.005

Percentile

77.8%

JSON

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.

References

printerlogic.com

portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints

securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html

thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite

www.printerlogic.com/security-bulletin/

www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite

www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/