Lucene search

[email protected]NVD:CVE-2023-36143

HistoryJun 30, 2023 - 1:15 a.m.

CVE-2023-36143

2023-06-3001:15:08

CWE-78

[email protected]

web.nvd.nist.gov

maxprint maxlink 1200g

os command injection

diagnostic tool

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the “Diagnostic tool” functionality of the device.

Affected configurations

Nvd

Node

maxprintispmaxlink_1200g_firmwareMatch3.4.11e

AND

maxprintispmaxlink_1200gMatch-

VendorProductVersionCPE
maxprintispmaxlink_1200g_firmware3.4.11ecpe:2.3:o:maxprintisp:maxlink_1200g_firmware:3.4.11e:*:*:*:*:*:*:*
maxprintispmaxlink_1200g-cpe:2.3:h:maxprintisp:maxlink_1200g:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
maxprintisp	maxlink_1200g_firmware	3.4.11e	cpe:2.3:o:maxprintisp:maxlink_1200g_firmware:3.4.11e:::::::*
maxprintisp	maxlink_1200g	-	cpe:2.3:h:maxprintisp:maxlink_1200g:-:::::::*

References

maxlink.com

github.com/leonardobg/CVE-2023-36143

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

Related for NVD:CVE-2023-36143

cve1 prion1 cvelist1