43 matches found
CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...
Repetier Server Security Vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server versions 1.4.10 and earlier that originates from allowing operations to be performed as SYSTEM...
CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection...
CVE-2023-31060
CVE-2023-31060 affects Repetier Server up to version 1.4.10, where the process can execute with SYSTEM privileges. The description notes that this can be leveraged in conjunction with CVE-2023-31059 for full compromise. Connected documents provide CVE-2023-31059 details (directory traversal), but...
PT-2023-23126 · Unknown · Repetier Server
Name of the Vulnerable Software and Affected Versions: Repetier Server versions prior to 1.4.11 Description: The issue allows for execution as SYSTEM, which can be exploited for full compromise when combined with other vulnerabilities. Recommendations: For Repetier Server versions prior to 1.4.11...
PT-2023-23125 · Unknown · Repetier Server
Name of the Vulnerable Software and Affected Versions: Repetier Server versions prior to 1.4.11 Description: The issue allows directory traversal for reading files that contain credentials. This can be demonstrated by accessing the connectionLost.php file. It is estimated that about 1,766 devices...
PT-2023-23127 · Unknown · Repetier Server
Name of the Vulnerable Software and Affected Versions: Repetier Server versions through 1.4.10 Description: The issue is related to the lack of CSRF protection. This means that the software does not have measures in place to prevent cross-site request forgery attacks, which could allow an attacke...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
Repetier Server Path Traversal Vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server version 1.4.10 and prior versions that stems from the presence of a directory traversal vulnerability...
Repetier Server Cross-Site Request Forgery Vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server version 1.4.10 and prior versions that stems from the lack of cross-site request forgery protection...
CVE-2023-31059
Repetier Server (version 1.4.10 and earlier) is affected by a directory traversal vulnerability (CVE-2023-31059) that allows reading files containing credentials via a ..%5c traversal vector, as demonstrated by connectionLost.php. Affected component is the server software itself; root cause i...
CVE-2023-31061
The CVE-2023-31061 entry concerns Repetier Server versions through 1.4.10 that lack CSRF protection. The Red Hat/NVD/EUVD/CNNVD and other connected records confirm the product and version range affected and identify CSRF protection as the underlying issue, with a high impact vector (C, I, A) and ...
Repetier-Server Path Traversal Vulnerability
Repetier-Server is a 3D printer control application. A path traversal vulnerability in the RepetierServer.exe file in Repetier-Server versions 0.8 through 0.91, which arises from a failure of a networked system or product to properly filter for specific elements in the path of a resource or file,...
CVE-2019-14450
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration ...
CVE-2019-14450
The CVE-2019-14450 entry concerns Repetier-Server versions 0.8–0.91 where RepetierServer.exe allows directory traversal to create a user-controlled XML file at an unintended location. This is coupled with CVE-2019-14451, where uploading a printer configuration with an external command can lead to...
Repetier-Server Code Issue Vulnerability
Repetier-Server is a 3D printer control application. A code issue vulnerability exists in the RepetierServer.exe file in Repetier-Server versions 0.8 through 0.91, which can be exploited by an attacker to remotely execute code...
CVE-2019-14451
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configuration as a printer configuration, and achie...