本ページは printerlogic web_stack に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-42642 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer. | [email protected] | 7.5 | 1.39% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42641 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users. | [email protected] | 7.5 | 2.03% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42640 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer. | [email protected] | 9.1 | 2.03% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42639 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization. | [email protected] | 6.1 | 1.14% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42637 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability. | [email protected] | 9.8 | 2.23% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42633 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records. | [email protected] | 5.3 | 2.01% | 2022-02-02 | 2026-07-08 |
| CVE-2021-42638 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution. | [email protected] | 8.1 | 5.49% | 2022-02-01 | 2026-07-08 |
| CVE-2021-42635 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution. | [email protected] | 8.1 | 5.52% | 2022-01-31 | 2026-07-08 |
| CVE-2021-42631 | PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution. | [email protected] | 8.1 | 6.12% | 2022-01-31 | 2026-07-08 |