In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/155365/Lexmark-Services-Monitor-2.27.4.0.39-Directory-Traversal.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2019/Nov/17 | Third Party Advisory |
http://support.lexmark.com/index?page=content&id=TE930&locale=en&userlocale=EN_US | |
https://www.symantec.com/security-center/vulnerabilities/writeup/110943 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-21T17:56:23
Updated: 2019-12-19T15:00:13
Reserved: 2019-09-24T00:00:00
Link: CVE-2019-16758
JSON object: View
NVD Information
Status : Modified
Published: 2019-11-21T18:15:11.243
Modified: 2019-12-19T15:15:14.087
Link: CVE-2019-16758
JSON object: View
Redhat Information
No data.
CWE