CVE-2021-42640

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.

Link	Resource
https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite	Third Party Advisory
https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints	Third Party Advisory
https://www.printerlogic.com/security-bulletin/	Vendor Advisory
https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html	Third Party Advisory
https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/	Exploit Third Party Advisory
https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite	Third Party Advisory
http://printerlogic.com	Product

Configuration 1

cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:* cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:* cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:* cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:* cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*

---

Published : 2022-02-02 06:15

Updated : 2022-02-08 03:38

---

NVD link : CVE-2021-42640

Mitre link : CVE-2021-42640

No products.

CWE-668