CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
95.7%
Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
Vendor | Product | Version | CPE |
---|---|---|---|
cyan_soft | cyanprintip_basic | * | cpe:2.3:a:cyan_soft:cyanprintip_basic:*:*:*:*:*:*:*:* |
cyan_soft | cyanprintip_easy_opi | * | cpe:2.3:a:cyan_soft:cyanprintip_easy_opi:*:*:*:*:*:*:*:* |
cyan_soft | cyanprintip_professional | * | cpe:2.3:a:cyan_soft:cyanprintip_professional:*:*:*:*:*:*:*:* |
cyan_soft | cyanprintip_standard | * | cpe:2.3:a:cyan_soft:cyanprintip_standard:*:*:*:*:*:*:*:* |
cyan_soft | cyanprintip_workstation | * | cpe:2.3:a:cyan_soft:cyanprintip_workstation:*:*:*:*:*:*:*:* |
cyan_soft | opium4_opi_server | * | cpe:2.3:a:cyan_soft:opium4_opi_server:*:*:*:*:*:*:*:* |