An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks.
References
Link | Resource |
---|---|
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17213-Authentication_Bypass-PrinterOn | Exploit Third Party Advisory |
Configurations
Information
Published : 2019-07-29 11:15
Updated : 2019-08-05 07:08
NVD link : CVE-2018-17213
Mitre link : CVE-2018-17213
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
printeron
- central_print_services