CVE-2018-5409

CRITICAL

PrinterLogic Print Management <18.3.1.96 - Code Injection

Title source: llm

Description

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the code in transit.

References (2)

[Third Party Advisory, US Government Resource] https://kb.cert.org/vuls/id/169249/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/108285

Scores

CVSS v3 9.8

EPSS 0.0019

EPSS Percentile 41.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-494 CWE-346

Status published

Affected Products (1)

printerlogic/print_management < 18.3.1.96

Timeline

Published May 08, 2019

Tracked Since Feb 18, 2026