Lucene search

MitreCVE-2024-22076

HistoryJan 23, 2024 - 11:15 a.m.

CVE-2024-22076

2024-01-2311:15:09

mitre

web.nvd.nist.gov

myq print server

unauthenticated

remote code execution

cve-2024-22076

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.003

Percentile

71.6%

JSON

MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface.

Affected configurations

Nvd

Node

myq-solutionprint_serverRange<8.2

myq-solutionprint_serverMatch8.2-

myq-solutionprint_serverMatch8.2beta1

myq-solutionprint_serverMatch8.2patch1

myq-solutionprint_serverMatch8.2patch10

myq-solutionprint_serverMatch8.2patch11

myq-solutionprint_serverMatch8.2patch12

myq-solutionprint_serverMatch8.2patch13

myq-solutionprint_serverMatch8.2patch14

myq-solutionprint_serverMatch8.2patch15

myq-solutionprint_serverMatch8.2patch16

myq-solutionprint_serverMatch8.2patch17

myq-solutionprint_serverMatch8.2patch18

myq-solutionprint_serverMatch8.2patch19

myq-solutionprint_serverMatch8.2patch2

myq-solutionprint_serverMatch8.2patch20

myq-solutionprint_serverMatch8.2patch21

myq-solutionprint_serverMatch8.2patch22

myq-solutionprint_serverMatch8.2patch23

myq-solutionprint_serverMatch8.2patch24

myq-solutionprint_serverMatch8.2patch25

myq-solutionprint_serverMatch8.2patch26

myq-solutionprint_serverMatch8.2patch27

myq-solutionprint_serverMatch8.2patch28

myq-solutionprint_serverMatch8.2patch29

myq-solutionprint_serverMatch8.2patch3

myq-solutionprint_serverMatch8.2patch30

myq-solutionprint_serverMatch8.2patch31

myq-solutionprint_serverMatch8.2patch32

myq-solutionprint_serverMatch8.2patch33

myq-solutionprint_serverMatch8.2patch34

myq-solutionprint_serverMatch8.2patch35

myq-solutionprint_serverMatch8.2patch36

myq-solutionprint_serverMatch8.2patch37

myq-solutionprint_serverMatch8.2patch38

myq-solutionprint_serverMatch8.2patch39

myq-solutionprint_serverMatch8.2patch4

myq-solutionprint_serverMatch8.2patch40

myq-solutionprint_serverMatch8.2patch41

myq-solutionprint_serverMatch8.2patch42

myq-solutionprint_serverMatch8.2patch5

myq-solutionprint_serverMatch8.2patch6

myq-solutionprint_serverMatch8.2patch7

myq-solutionprint_serverMatch8.2patch8

myq-solutionprint_serverMatch8.2patch9

myq-solutionprint_serverMatch8.2rc1

myq-solutionprint_serverMatch8.2rc2

myq-solutionprint_serverMatch8.2rc3

VendorProductVersionCPE
myq-solutionprint_server*cpe:2.3:a:myq-solution:print_server:*:*:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:-:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:beta1:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch1:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch10:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch11:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch12:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch13:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch14:*:*:*:*:*:*
myq-solutionprint_server8.2cpe:2.3:a:myq-solution:print_server:8.2:patch15:*:*:*:*:*:*

Vendor	Product	Version	CPE
myq-solution	print_server	*	cpe:2.3:a:myq-solution:print_server::::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:-::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:beta1::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch1::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch10::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch11::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch12::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch13::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch14::::::
myq-solution	print_server	8.2	cpe:2.3:a:myq-solution:print_server:8.2:patch15::::::

Rows per page:

1-10 of 481

References

docs.myq-solution.com/en/print-server/8.2/

docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29

www.access42.nl/nieuws/unmasking-web-vulnerabilities-a-tale-of-default-admin-credentials-and-php-command-execution-cve-2024-22076/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.003

Percentile

71.6%

JSON

Related for CVE-2024-22076