Vulnerabilites related to repetier-server - repetier-server
cve-2023-31061
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2025-02-04 19:29
Severity ?
EPSS score ?
Summary
Repetier Server through 1.4.10 does not have CSRF protection.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:45:25.591Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { tags: [ "x_transferred", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-31061", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:28:13.406655Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T19:29:05.197Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 does not have CSRF protection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-24T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { url: "https://www.repetier-server.com/download-repetier-server/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-31061", datePublished: "2023-04-24T00:00:00.000Z", dateReserved: "2023-04-24T00:00:00.000Z", dateUpdated: "2025-02-04T19:29:05.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31060
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2025-02-04 19:35
Severity ?
EPSS score ?
Summary
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:45:25.148Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { tags: [ "x_transferred", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-31060", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:30:26.676367Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T19:35:51.984Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-24T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { url: "https://www.repetier-server.com/download-repetier-server/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-31060", datePublished: "2023-04-24T00:00:00.000Z", dateReserved: "2023-04-24T00:00:00.000Z", dateUpdated: "2025-02-04T19:35:51.984Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-14451
Vulnerability from cvelistv5
Published
2019-10-25 16:27
Modified
2024-08-05 00:19
Severity ?
EPSS score ?
Summary
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.repetier-server.com/manuals/0.91/index.html | x_refsource_MISC | |
| https://www.repetier-server.com/knowledgebase/security-advisory/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:41.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-25T16:27:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14451", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.repetier-server.com/manuals/0.91/index.html", refsource: "MISC", url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { name: "https://www.repetier-server.com/knowledgebase/security-advisory/", refsource: "CONFIRM", url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14451", datePublished: "2019-10-25T16:27:22", dateReserved: "2019-07-30T00:00:00", dateUpdated: "2024-08-05T00:19:41.075Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-14450
Vulnerability from cvelistv5
Published
2019-10-28 16:58
Modified
2024-08-05 00:19
Severity ?
EPSS score ?
Summary
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.repetier-server.com/manuals/0.91/index.html | x_refsource_MISC | |
| https://www.repetier-server.com/knowledgebase/security-advisory/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:40.999Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-28T16:58:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14450", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.repetier-server.com/manuals/0.91/index.html", refsource: "MISC", url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { name: "https://www.repetier-server.com/knowledgebase/security-advisory/", refsource: "CONFIRM", url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14450", datePublished: "2019-10-28T16:58:41", dateReserved: "2019-07-30T00:00:00", dateUpdated: "2024-08-05T00:19:40.999Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-31059
Vulnerability from cvelistv5
Published
2023-04-24 00:00
Modified
2025-02-04 19:37
Severity ?
EPSS score ?
Summary
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:45:25.141Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { tags: [ "x_transferred", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-31059", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:36:57.628141Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T19:37:41.746Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-24T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { url: "https://www.repetier-server.com/download-repetier-server/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-31059", datePublished: "2023-04-24T00:00:00.000Z", dateReserved: "2023-04-24T00:00:00.000Z", dateUpdated: "2025-02-04T19:37:41.746Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-10-25 17:15
Modified
2024-11-21 04:26
Severity ?
Summary
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| repetier-server | repetier-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:*", matchCriteriaId: "CA956238-185C-4521-BAA6-8ED7382C1826", versionEndIncluding: "0.91", versionStartIncluding: "0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, { lang: "es", value: "El archivo RepetierServer.exe en Repetier-Server versiones 0.8 hasta 0.91, no comprueba apropiadamente la estructura de datos XML proporcionada cuando se carga una nueva configuración de impresora. Cuando esto se combina con CVE-2019-14450, un atacante puede cargar una configuración de \"external command\" como una configuración de impresora y lograr una ejecución de código remota. Después de su explotación, la carga de la configuración del comando externo es dependiente de un reinicio del sistema o un reinicio del servicio.", }, ], id: "CVE-2019-14451", lastModified: "2024-11-21T04:26:46.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-25T17:15:10.837", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-24 03:15
Modified
2025-02-04 20:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Repetier Server through 1.4.10 does not have CSRF protection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.repetier-server.com/download-repetier-server/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.repetier-server.com/download-repetier-server/ | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| repetier-server | repetier-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:*", matchCriteriaId: "E8EAABD7-02D4-4861-A634-B99441F9BB76", versionEndIncluding: "1.4.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 does not have CSRF protection.", }, ], id: "CVE-2023-31061", lastModified: "2025-02-04T20:15:48.807", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-24T03:15:07.407", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-28 17:15
Modified
2024-11-21 04:26
Severity ?
Summary
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.repetier-server.com/knowledgebase/security-advisory/ | Third Party Advisory | |
| cve@mitre.org | https://www.repetier-server.com/manuals/0.91/index.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.repetier-server.com/knowledgebase/security-advisory/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.repetier-server.com/manuals/0.91/index.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| repetier-server | repetier-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:*", matchCriteriaId: "CA956238-185C-4521-BAA6-8ED7382C1826", versionEndIncluding: "0.91", versionStartIncluding: "0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.", }, { lang: "es", value: "Se descubrió una vulnerabilidad de salto de directorio en el archivo RepetierServer.exe en Repetier-Server versiones 0.8 hasta 0.91, lo que permite la creación de un archivo XML controlado por el usuario en una ubicación no deseada. Cuando esto se combina con CVE-2019-14451, un atacante puede cargar una configuración \"external command\" tal y como una configuración de impresora y lograr la ejecución de código remota. después de la carga de explotación de la configuración del comando externo necesita de un reinicio del sistema o una reanudación del servicio.", }, ], id: "CVE-2019-14450", lastModified: "2024-11-21T04:26:45.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-28T17:15:19.877", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.repetier-server.com/knowledgebase/security-advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.repetier-server.com/manuals/0.91/index.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-24 03:15
Modified
2025-02-04 20:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.repetier-server.com/download-repetier-server/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.repetier-server.com/download-repetier-server/ | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| repetier-server | repetier-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:*", matchCriteriaId: "E8EAABD7-02D4-4861-A634-B99441F9BB76", versionEndIncluding: "1.4.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.", }, ], id: "CVE-2023-31060", lastModified: "2025-02-04T20:15:48.620", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-24T03:15:07.373", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-24 03:15
Modified
2025-02-04 20:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.repetier-server.com/download-repetier-server/ | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cybir.com/2023/cve/poc-repetier-server-140/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.repetier-server.com/download-repetier-server/ | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| repetier-server | repetier-server | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:*", matchCriteriaId: "E8EAABD7-02D4-4861-A634-B99441F9BB76", versionEndIncluding: "1.4.10", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.", }, ], id: "CVE-2023-31059", lastModified: "2025-02-04T20:15:48.430", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-24T03:15:07.333", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://cybir.com/2023/cve/poc-repetier-server-140/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.repetier-server.com/download-repetier-server/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }