Description
In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.
References (1)
Core 1
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=1114853
Scores
CVSS v3
6.5
EPSS
0.0014
EPSS Percentile
32.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
CWE-20
Status
published
Products (1)
opensuse/yast2-printer
< 4.0.2
Published
Mar 15, 2019
Tracked Since
Feb 18, 2026