Shodan
Vulnerabilities
Vulnerable Software
Printerlogic:  Security Vulnerabilities
CVE-2021-42633
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.
CVSS Score
5.3
EPSS Score
0.006
Published
2022-02-02
CVE-2021-42637
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.
CVSS Score
9.8
EPSS Score
0.015
Published
2022-02-02
CVE-2021-42639
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.
CVSS Score
6.1
EPSS Score
0.008
Published
2022-02-02
CVE-2021-42640
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.
CVSS Score
9.1
EPSS Score
0.008
Published
2022-02-02
CVE-2021-42641
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-02-02
CVE-2021-42642
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-02-02
CVE-2021-42638
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
CVSS Score
8.1
EPSS Score
0.25
Published
2022-02-01
CVE-2021-42631
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
CVSS Score
8.1
EPSS Score
0.206
Published
2022-01-31
CVE-2021-42635
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
CVSS Score
8.1
EPSS Score
0.235
Published
2022-01-31
CVE-2019-9505
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. An unauthenticated attacker may be able to remotely execute arbitrary code with SYSTEM privileges.
CVSS Score
9.8
EPSS Score
0.02
Published
2019-05-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved