3 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges. XLPD versiones v7.0.0094 y anteriores, contienen una vulnerabilidad de ruta de servicio no citada que permite a usuarios locales lanzar procesos con altos privilegios • https://github.com/ycdxsb/Vuln/blob/main/Xlpd-Unquoted-Service-Path/XLpd-Unquoted-Service-Path.md https://www.netsarang.com/en/xlpd-update-history • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1

Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Xlpd versiones v7.0.0094 y anteriores, contiene una vulnerabilidad de secuestro binario que permite a atacantes ejecutar código arbitrario por medio de un archivo .exe diseñado • https://github.com/ycdxsb/Vuln/tree/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xlpd-CreateProcessW-Misuse-Binary-Hijack https://www.netsarang.com/en/xlpd-update-history • CWE-428: Unquoted Search Path or Element •

CVSS: 5.0EPSS: 15%CPEs: 2EXPL: 5

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request. NetSarang Xlpd v4 Build 0100 y NetSarang Xmanager Enterprise c4 Build 0186, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición LPD mal formada. • https://www.exploit-db.com/exploits/18454 http://secpod.org/advisories/SecPod_Exploit_NetSarang_Xlpd_Printer_Daemon_DoS_Vuln.txt http://secpod.org/blog/?p=457 http://www.exploit-db.com/exploits/18454 http://www.securityfocus.com/bid/51821 https://exchange.xforce.ibmcloud.com/vulnerabilities/72933 •