Sign-up

ID

VAR-202201-1301


CVE

CVE-2021-44737


TITLE

Lexmark Path Traversal Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2022-08185 // CNNVD: CNNVD-202201-1808

DESCRIPTION

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. plural Lexmark The device contains a path traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of PJL commands. The issue results from an exposed danagerous function, which can allow the creation of arbitrary files. An attacker can leverage this vulnerability to execute code in the context of root. Lexmark is a line of printers in the United States. A path traversal vulnerability exists in Lexmark devices that stems from the product's failure to properly filter special elements in resource or file paths

Trust: 2.79

sources: NVD: CVE-2021-44737 // JVNDB: JVNDB-2022-003882 // ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-08185

AFFECTED PRODUCTS

vendor:lexmarkmodel:c2240scope:ltversion:cstzj.076.294

Trust: 1.0

vendor:lexmarkmodel:mx718scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:m5155scope:ltversion:lw80.dn4.p210

Trust: 1.0

vendor:lexmarkmodel:mx810scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:c950scope:ltversion:lhs60.tp.p753

Trust: 1.0

vendor:lexmarkmodel:xm7170scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:ms911scope:ltversion:lw80.sa.p210

Trust: 1.0

vendor:lexmarkmodel:ms810dnscope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:xs955scope:ltversion:lhs60.tq.p753

Trust: 1.0

vendor:lexmarkmodel:mx722scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:mx410scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:ms610dnscope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:b2650scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:xc4150scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:ms812descope:ltversion:lw80.dn7.p210

Trust: 1.0

vendor:lexmarkmodel:cx622scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:b2236scope:ltversion:mslsg.076.294

Trust: 1.0

vendor:lexmarkmodel:b3340scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:cx727scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:cs331scope:ltversion:cslbl.076.294

Trust: 1.0

vendor:lexmarkmodel:cx510scope:ltversion:lw80.gm7.p210

Trust: 1.0

vendor:lexmarkmodel:cs431scope:ltversion:cslbn.076.294

Trust: 1.0

vendor:lexmarkmodel:mb2442scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:mb2236scope:ltversion:mxlsg.076.294

Trust: 1.0

vendor:lexmarkmodel:b2442scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:b2865scope:ltversion:msngw.076.294

Trust: 1.0

vendor:lexmarkmodel:cx331scope:ltversion:cxlbl.076.294

Trust: 1.0

vendor:lexmarkmodel:cx860scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:xc9265scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:xm3150scope:ltversion:lw80.sb7.p210

Trust: 1.0

vendor:lexmarkmodel:m5163dnscope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:cs720scope:ltversion:cstat.076.294

Trust: 1.0

vendor:lexmarkmodel:xc2326scope:ltversion:cxlbn.076.294

Trust: 1.0

vendor:lexmarkmodel:mx811scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:m5255scope:ltversion:mstgw.076.294

Trust: 1.0

vendor:lexmarkmodel:mb2338scope:ltversion:mxngm.076.294

Trust: 1.0

vendor:lexmarkmodel:xc4143scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:cx417scope:ltversion:lw80.gm4.p210

Trust: 1.0

vendor:lexmarkmodel:xm3250scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:cx421scope:ltversion:cxnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:mc2325scope:ltversion:cxnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:b2546scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:mc2535scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:cs923scope:ltversion:cstmh.076.294

Trust: 1.0

vendor:lexmarkmodel:c734scope:ltversion:lr.sk.p835

Trust: 1.0

vendor:lexmarkmodel:e46xscope:ltversion:lr.lbh.p835

Trust: 1.0

vendor:lexmarkmodel:mx431scope:ltversion:mxlbd.076.294

Trust: 1.0

vendor:lexmarkmodel:ms825scope:ltversion:msngw.076.294

Trust: 1.0

vendor:lexmarkmodel:cx825scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:cx431scope:ltversion:cxlbn.076.294

Trust: 1.0

vendor:lexmarkmodel:ms517scope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:cs410scope:ltversion:lw80.vy2.p210

Trust: 1.0

vendor:lexmarkmodel:xc2132scope:ltversion:lw80.gm7.p210

Trust: 1.0

vendor:lexmarkmodel:ms711scope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:mx622scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:xs950scope:ltversion:lhs60.tq.p753

Trust: 1.0

vendor:lexmarkmodel:mx717scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:cs748scope:ltversion:lhs60.cm4.p753

Trust: 1.0

vendor:lexmarkmodel:cs820scope:ltversion:cstpp.076.294

Trust: 1.0

vendor:lexmarkmodel:cx920scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:cs517scope:ltversion:lw80.vy4.p210

Trust: 1.0

vendor:lexmarkmodel:mc2425scope:ltversion:cxnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:c3426scope:ltversion:cslbn.076.294

Trust: 1.0

vendor:lexmarkmodel:mb2650scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:ms810descope:ltversion:lw80.dn4.p210

Trust: 1.0

vendor:lexmarkmodel:xm9155scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:x954scope:ltversion:lhs60.tq.p753

Trust: 1.0

vendor:lexmarkmodel:xm5365scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:cx923scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:m3150descope:ltversion:lw80.pr4.p210

Trust: 1.0

vendor:lexmarkmodel:c792scope:ltversion:lhs60.hc.p753

Trust: 1.0

vendor:lexmarkmodel:m1140scope:ltversion:lw80.prl.p210

Trust: 1.0

vendor:lexmarkmodel:mx421scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:c2325scope:ltversion:csnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:xm5170scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:mx6500escope:ltversion:lw80.jd.p210

Trust: 1.0

vendor:lexmarkmodel:xm1140scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:m1140\+scope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:mx822scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:ms823scope:ltversion:msngw.076.294

Trust: 1.0

vendor:lexmarkmodel:xc2130scope:ltversion:lw80.gm4.p210

Trust: 1.0

vendor:lexmarkmodel:ms431scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:m1342scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:cx317scope:ltversion:lw80.gm2.p210

Trust: 1.0

vendor:lexmarkmodel:x746scope:ltversion:lhs60.ny.p753

Trust: 1.0

vendor:lexmarkmodel:c746scope:ltversion:lhs60.cm2.p753

Trust: 1.0

vendor:lexmarkmodel:mb2770scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:xm1242scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:m1246scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:ms410scope:ltversion:lw80.prl.p210

Trust: 1.0

vendor:lexmarkmodel:mx521scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:ms315scope:ltversion:lw80.tl2.p210

Trust: 1.0

vendor:lexmarkmodel:m3150dnscope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:ms811scope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:xm9145scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:xm1246scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:xm7370scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:cx725scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:cs417scope:ltversion:lw80.vy2.p210

Trust: 1.0

vendor:lexmarkmodel:x952scope:ltversion:lhs60.tq.p753

Trust: 1.0

vendor:lexmarkmodel:xc2235scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:xm5263scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:xm9165scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:ms610descope:ltversion:lw80.pr4.p210

Trust: 1.0

vendor:lexmarkmodel:xs795scope:ltversion:lhs60.mr.p753

Trust: 1.0

vendor:lexmarkmodel:6500escope:ltversion:lhs60.jr.p753

Trust: 1.0

vendor:lexmarkmodel:mx317scope:ltversion:lw80.sb2.p210

Trust: 1.0

vendor:lexmarkmodel:cx522scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:mx911scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:cx625scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:mx611scope:ltversion:lw80.sb7.p210

Trust: 1.0

vendor:lexmarkmodel:xm7355scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:cs310scope:ltversion:lw80.vyl.p210

Trust: 1.0

vendor:lexmarkmodel:xm7270scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:mx610scope:ltversion:lw80.sb7.p210

Trust: 1.0

vendor:lexmarkmodel:xs925scope:ltversion:lhs60.hk.p753

Trust: 1.0

vendor:lexmarkmodel:c9235scope:ltversion:cstmh.076.294

Trust: 1.0

vendor:lexmarkmodel:c6160scope:ltversion:cstpp.076.294

Trust: 1.0

vendor:lexmarkmodel:cx820scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:ms417scope:ltversion:lw80.tl2.p210

Trust: 1.0

vendor:lexmarkmodel:m5270scope:ltversion:mstgw.076.294

Trust: 1.0

vendor:lexmarkmodel:mx710scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:c2132scope:ltversion:lw80.vy4.p210

Trust: 1.0

vendor:lexmarkmodel:ms317scope:ltversion:lw80.prl.p210

Trust: 1.0

vendor:lexmarkmodel:mx310scope:ltversion:lw80.sb2.p210

Trust: 1.0

vendor:lexmarkmodel:ms521scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:xc6153scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:m5170scope:ltversion:lw80.dn7.p210

Trust: 1.0

vendor:lexmarkmodel:ms817scope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:xs796scope:ltversion:lhs60.mr.p753

Trust: 1.0

vendor:lexmarkmodel:xc9225scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:c4150scope:ltversion:cstat.076.294

Trust: 1.0

vendor:lexmarkmodel:cs622scope:ltversion:cstzj.076.294

Trust: 1.0

vendor:lexmarkmodel:c3326scope:ltversion:cslbl.076.294

Trust: 1.0

vendor:lexmarkmodel:xm1342scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:xc9245scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:xs548scope:ltversion:lhs60.vk.p753

Trust: 1.0

vendor:lexmarkmodel:c748scope:ltversion:lhs60.cm4.p753

Trust: 1.0

vendor:lexmarkmodel:xs798scope:ltversion:lhs60.mr.p753

Trust: 1.0

vendor:lexmarkmodel:m1242scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:m5163descope:ltversion:lw80.dn4.p210

Trust: 1.0

vendor:lexmarkmodel:w850scope:ltversion:lp.jb.p834

Trust: 1.0

vendor:lexmarkmodel:cs727scope:ltversion:cstat.076.294

Trust: 1.0

vendor:lexmarkmodel:c925scope:ltversion:lhs60.hv.p753

Trust: 1.0

vendor:lexmarkmodel:xc8160scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:x748scope:ltversion:lhs60.ny.p753

Trust: 1.0

vendor:lexmarkmodel:mb2546scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:ms621scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:cx924scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:xc8163scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:ms818scope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:b2338scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:mx910scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:cx410scope:ltversion:lw80.gm4.p210

Trust: 1.0

vendor:lexmarkmodel:xc4140scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:x65xscope:ltversion:lr.mn.p835

Trust: 1.0

vendor:lexmarkmodel:mc3426scope:ltversion:cxlbn.076.294

Trust: 1.0

vendor:lexmarkmodel:cs725scope:ltversion:cstat.076.294

Trust: 1.0

vendor:lexmarkmodel:cs317scope:ltversion:lw80.vyl.p210

Trust: 1.0

vendor:lexmarkmodel:cx310scope:ltversion:lw80.gm2.p210

Trust: 1.0

vendor:lexmarkmodel:ms710scope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:ms321scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:cs796scope:ltversion:lhs60.hc.p753

Trust: 1.0

vendor:lexmarkmodel:ms826scope:ltversion:mstgw.076.294

Trust: 1.0

vendor:lexmarkmodel:xc6152scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:ms510scope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:m3250scope:ltversion:mstgm.076.294

Trust: 1.0

vendor:lexmarkmodel:cs728scope:ltversion:cstat.076.294

Trust: 1.0

vendor:lexmarkmodel:mx517scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:m1145scope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:cs439scope:ltversion:cslbn.076.294

Trust: 1.0

vendor:lexmarkmodel:mc3224scope:ltversion:cxlbl.076.294

Trust: 1.0

vendor:lexmarkmodel:mx511scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:cs827scope:ltversion:cstpp.076.294

Trust: 1.0

vendor:lexmarkmodel:ms822scope:ltversion:mstgw.076.294

Trust: 1.0

vendor:lexmarkmodel:cx922scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:xc9235scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:c2535scope:ltversion:csnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:x73xscope:ltversion:lr.fl.p835

Trust: 1.0

vendor:lexmarkmodel:c736scope:ltversion:lr.ske.p835

Trust: 1.0

vendor:lexmarkmodel:ms421scope:ltversion:msngm.076.294

Trust: 1.0

vendor:lexmarkmodel:xm7155scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:x950scope:ltversion:lhs60.tq.p753

Trust: 1.0

vendor:lexmarkmodel:ms725scope:ltversion:msngw.076.294

Trust: 1.0

vendor:lexmarkmodel:cs827scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:cs521scope:ltversion:csnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:xc9255scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:mx617scope:ltversion:lw80.sb7.p210

Trust: 1.0

vendor:lexmarkmodel:ms812dnscope:ltversion:lw80.dn2.p210

Trust: 1.0

vendor:lexmarkmodel:ms821scope:ltversion:msngw.076.294

Trust: 1.0

vendor:lexmarkmodel:mx522scope:ltversion:mxtgm.076.294

Trust: 1.0

vendor:lexmarkmodel:cs927scope:ltversion:cstmh.076.294

Trust: 1.0

vendor:lexmarkmodel:mx711scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:x46xscope:ltversion:lr.bs.p835

Trust: 1.0

vendor:lexmarkmodel:ms331scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:xc8155scope:ltversion:cxtpp.076.294

Trust: 1.0

vendor:lexmarkmodel:cs921scope:ltversion:cstmh.076.294

Trust: 1.0

vendor:lexmarkmodel:mx812scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:ms622scope:ltversion:mstgm.076.294

Trust: 1.0

vendor:lexmarkmodel:xc4153scope:ltversion:cxtat.076.294

Trust: 1.0

vendor:lexmarkmodel:mx510scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:xm7263scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:cx921scope:ltversion:cxtmh.076.294

Trust: 1.0

vendor:lexmarkmodel:cs510scope:ltversion:lw80.vy4.p210

Trust: 1.0

vendor:lexmarkmodel:xm5270scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:xm5163scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:mc3326scope:ltversion:cxlbl.076.294

Trust: 1.0

vendor:lexmarkmodel:xm1135scope:ltversion:lw80.sb2.p210

Trust: 1.0

vendor:lexmarkmodel:mx331scope:ltversion:mxlbd.076.294

Trust: 1.0

vendor:lexmarkmodel:ms312scope:ltversion:lw80.prl.p210

Trust: 1.0

vendor:lexmarkmodel:mx417scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:mx321scope:ltversion:mxngm.076.294

Trust: 1.0

vendor:lexmarkmodel:x792scope:ltversion:lhs60.mr.p753

Trust: 1.0

vendor:lexmarkmodel:x86xscope:ltversion:lp.sp.p834

Trust: 1.0

vendor:lexmarkmodel:cx517scope:ltversion:lw80.gm7.p210

Trust: 1.0

vendor:lexmarkmodel:ms310scope:ltversion:lw80.prl.p210

Trust: 1.0

vendor:lexmarkmodel:c3224scope:ltversion:cslbl.076.294

Trust: 1.0

vendor:lexmarkmodel:xs748scope:ltversion:lhs60.ny.p753

Trust: 1.0

vendor:lexmarkmodel:mx912scope:ltversion:lw80.mg.p210

Trust: 1.0

vendor:lexmarkmodel:ms617scope:ltversion:lw80.pr2.p210

Trust: 1.0

vendor:lexmarkmodel:x548scope:ltversion:lhs60.vk.p753

Trust: 1.0

vendor:lexmarkmodel:mb3442scope:ltversion:mxlbd.076.294

Trust: 1.0

vendor:lexmarkmodel:mx721scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:x925scope:ltversion:lhs60.hk.p753

Trust: 1.0

vendor:lexmarkmodel:xm1145scope:ltversion:lw80.sb4.p210

Trust: 1.0

vendor:lexmarkmodel:c2326scope:ltversion:cslbn.076.294

Trust: 1.0

vendor:lexmarkmodel:t65xscope:ltversion:lr.jp.p835

Trust: 1.0

vendor:lexmarkmodel:mc2640scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:ms415scope:ltversion:lw80.tl2.p210

Trust: 1.0

vendor:lexmarkmodel:b3442scope:ltversion:mslbd.076.294

Trust: 1.0

vendor:lexmarkmodel:xc4240scope:ltversion:cxtzj.076.294

Trust: 1.0

vendor:lexmarkmodel:mx826scope:ltversion:mxtgw.076.294

Trust: 1.0

vendor:lexmarkmodel:cs421scope:ltversion:csnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:xm7163scope:ltversion:lw80.tu.p210

Trust: 1.0

vendor:lexmarkmodel:c2425scope:ltversion:csnzj.076.294

Trust: 1.0

vendor:lexmarkmodel:b2236scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:mx431scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:mb2236scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:xm1342scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:mx331scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms331scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms431scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:b3340scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:b3442scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:m1342scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:mc3224iscope: - version: -

Trust: 0.7

vendor:lexmarkmodel:lexmarkscope: - version: -

Trust: 0.6

sources: ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185 // JVNDB: JVNDB-2022-003882 // NVD: CVE-2021-44737

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-44737
value: HIGH

Trust: 1.0

NVD: CVE-2021-44737
value: HIGH

Trust: 0.8

ZDI: CVE-2021-44737
value: HIGH

Trust: 0.7

CNVD: CNVD-2022-08185
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202201-1808
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-44737
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-08185
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-44737
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-44737
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-44737
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185 // JVNDB: JVNDB-2022-003882 // CNNVD: CNNVD-202201-1808 // NVD: CVE-2021-44737

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.0

problemtype:Path traversal (CWE-22) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-003882 // NVD: CVE-2021-44737

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202201-1808

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202201-1808

PATCH

title:Lexmark Security Advisoriesurl:https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html

Trust: 0.8

title:Lexmark has issued an update to correct this vulnerability.url:https://publications.lexmark.com/publications/security-alerts/CVE-2021-44737.pdf

Trust: 0.7

title:Patch for Lexmark Path Traversal Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/317101

Trust: 0.6

title:Lexmark Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=179837

Trust: 0.6

sources: ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185 // JVNDB: JVNDB-2022-003882 // CNNVD: CNNVD-202201-1808

EXTERNAL IDS

db:NVDid:CVE-2021-44737

Trust: 4.5

db:ZDIid:ZDI-22-333

Trust: 3.1

db:JVNDBid:JVNDB-2022-003882

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15820

Trust: 0.7

db:CNVDid:CNVD-2022-08185

Trust: 0.6

db:CNNVDid:CNNVD-202201-1808

Trust: 0.6

sources: ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185 // JVNDB: JVNDB-2022-003882 // CNNVD: CNNVD-202201-1808 // NVD: CVE-2021-44737

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-22-333/

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-44737

Trust: 2.0

url:https://support.lexmark.com/alerts/

Trust: 1.6

url:https://publications.lexmark.com/publications/security-alerts/cve-2021-44737.pdf

Trust: 0.7

sources: ZDI: ZDI-22-333 // CNVD: CNVD-2022-08185 // JVNDB: JVNDB-2022-003882 // CNNVD: CNNVD-202201-1808 // NVD: CVE-2021-44737

CREDITS

NCC Group EDG (Alex Plaskett, Cedric Halbronn, Aaron Adams)

Trust: 0.7

sources: ZDI: ZDI-22-333

SOURCES

db:ZDIid:ZDI-22-333
db:CNVDid:CNVD-2022-08185
db:JVNDBid:JVNDB-2022-003882
db:CNNVDid:CNNVD-202201-1808
db:NVDid:CVE-2021-44737

LAST UPDATE DATE

2024-11-23T21:33:17.116000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-333date:2022-02-15T00:00:00
db:CNVDid:CNVD-2022-08185date:2022-02-02T00:00:00
db:JVNDBid:JVNDB-2022-003882date:2023-03-10T03:18:00
db:CNNVDid:CNNVD-202201-1808date:2022-03-18T00:00:00
db:NVDid:CVE-2021-44737date:2024-11-21T06:31:29.553

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-333date:2022-02-15T00:00:00
db:CNVDid:CNVD-2022-08185date:2022-02-02T00:00:00
db:JVNDBid:JVNDB-2022-003882date:2023-03-10T00:00:00
db:CNNVDid:CNNVD-202201-1808date:2022-01-20T00:00:00
db:NVDid:CVE-2021-44737date:2022-01-20T17:15:17.967