Suse · Yast2-Printer · CVE-2018-20106
**Name of the Vulnerable Software and Affected Versions**
yast2-printer versions prior to 4.0.3
**Description**
The issue is related to the SMB printer settings in yast2-printer, where passwords are not properly escaped, allowing for code execution as root if a password with special characters, such as backticks, is supplied. This requires tricking the root user into entering such a password in yast.
**Recommendations**
For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of passwords with special characters, such as backticks, in the SMB printer settings until the issue is resolved.