Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2018-20106
HistoryMar 15, 2019 - 8:29 p.m.

Code injection

2019-03-1520:29:00
PRIOn knowledge base
www.prio-n.com

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

In yast2-printer up to and including version 4.0.2 the SMB printer settings don’t escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.

CPENameOperatorVersion
yast2-printerle4.0.2

Related

cve 1
cvelist 1
nvd 1
cve
cve
CVE-2018-20106
2019-03-15 20:29:00
cvelist
cvelist
CVE-2018-20106 SMB printer settings don't escape characters in passwords properly
2018-11-06 00:00:00
nvd
nvd
CVE-2018-20106
2019-03-15 20:29:00

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON
Related for PRION:CVE-2018-20106
cve1cvelist1nvd1