CVE-2018-5409
PrinterLogic Print Management Software updates and executes the code without origin and code verification
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.
El programa PrinterLogic Print Management, hasta la versión 18.3.1.96 incluyendola, actualiza y ejecuta el código sin comprobar suficientemente el origen y la integridad del código. Un atacante puede ejecutar código malicioso al comprometer el servidor host, realizar una falsificación de DNS o modificar el código en tránsito.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-01-12 CVE Reserved
- 2019-05-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-346: Origin Validation Error
- CWE-494: Download of Code Without Integrity Check
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108285 | Vdb Entry | |
| https://kb.cert.org/vuls/id/169249 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Printerlogic Search vendor "Printerlogic" | Print Management Search vendor "Printerlogic" for product "Print Management" | <= 18.3.1.96 Search vendor "Printerlogic" for product "Print Management" and version " <= 18.3.1.96" | - |
Affected
| ||||||