5 matches found
CVE-2019-14450
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration ...
CVE-2019-14450
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration ...
CVE-2019-14450
The CVE-2019-14450 entry concerns Repetier-Server versions 0.8–0.91 where RepetierServer.exe allows directory traversal to create a user-controlled XML file at an unintended location. This is coupled with CVE-2019-14451, where uploading a printer configuration with an external command can lead to...
CVE-2019-14450
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration ...
Command injection
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configuration as a printer configuration, and achie...