Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Printerlogic Subscribe
Filtered by product Web Stack
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-42640 1 Printerlogic 1 Web Stack 2022-02-08 6.4 MEDIUM 9.1 CRITICAL
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.
CVE-2021-42641 1 Printerlogic 1 Web Stack 2022-02-08 5.0 MEDIUM 7.5 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.
CVE-2021-42642 1 Printerlogic 1 Web Stack 2022-02-08 5.0 MEDIUM 7.5 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
CVE-2021-42639 1 Printerlogic 1 Web Stack 2022-02-08 4.3 MEDIUM 6.1 MEDIUM
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.
CVE-2021-42637 1 Printerlogic 1 Web Stack 2022-02-08 7.5 HIGH 9.8 CRITICAL
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.
CVE-2021-42633 1 Printerlogic 1 Web Stack 2022-02-07 5.0 MEDIUM 5.3 MEDIUM
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records.
CVE-2021-42631 3 Apple, Linux, Printerlogic 4 Macos, Linux Kernel, Virtual Appliance and 1 more 2022-02-02 9.3 HIGH 8.1 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.
CVE-2021-42635 3 Apple, Linux, Printerlogic 3 Macos, Linux Kernel, Web Stack 2022-02-02 9.3 HIGH 8.1 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.
CVE-2021-42638 3 Apple, Linux, Printerlogic 3 Macos, Linux Kernel, Web Stack 2022-02-02 9.3 HIGH 8.1 HIGH
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.