Vulnerability Details CVE-2024-22076
MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.8%
CVSS Severity
CVSS v3 Score 9.8
References
- https://docs.myq-solution.com/en/print-server/8.2/
- https://docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29
- https://www.access42.nl/nieuws/unmasking-web-vulnerabilities-a-tale-of-default-admin-credentials-and-php-command-execution-cve-2024-22076/
- https://docs.myq-solution.com/en/print-server/8.2/
- https://docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29
- https://www.access42.nl/nieuws/unmasking-web-vulnerabilities-a-tale-of-default-admin-credentials-and-php-command-execution-cve-2024-22076/
Products affected by CVE-2024-22076
-
cpe:2.3:a:myq-solution:print_server:*
-
cpe:2.3:a:myq-solution:print_server:8.2