CVE-2021-42639

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization.
References
Link Resource
http://printerlogic.com Product
https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints Not Applicable
https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html Third Party Advisory
https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite Third Party Advisory
https://www.printerlogic.com/security-bulletin/ Vendor Advisory
https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite Third Party Advisory
https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/ Exploit Third Party Advisory
http://printerlogic.com Product
https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints Not Applicable
https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html Third Party Advisory
https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite Third Party Advisory
https://www.printerlogic.com/security-bulletin/ Vendor Advisory
https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite Third Party Advisory
https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*
cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*
cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*
cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*
cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*

History

21 Nov 2024, 06:27

Type Values Removed Values Added
References () http://printerlogic.com - Product () http://printerlogic.com - Product
References () https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints - Not Applicable () https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints - Not Applicable
References () https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html - Third Party Advisory () https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html - Third Party Advisory
References () https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite - Third Party Advisory () https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite - Third Party Advisory
References () https://www.printerlogic.com/security-bulletin/ - Vendor Advisory () https://www.printerlogic.com/security-bulletin/ - Vendor Advisory
References () https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite - Third Party Advisory () https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite - Third Party Advisory
References () https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/ - Exploit, Third Party Advisory () https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/ - Exploit, Third Party Advisory

Information

Published : 2022-02-02 18:15

Updated : 2024-11-21 06:27


NVD link : CVE-2021-42639

Mitre link : CVE-2021-42639

CVE.ORG link : CVE-2021-42639


JSON object : View

Products Affected

printerlogic

  • web_stack
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')