CVE-2018-17169

Name of the Vulnerable Software and Affected Versions PrinterOn versions 4.1.4 and lower

Description A vulnerability exists that allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks. This is achieved by sending a crafted DTD in an XML request, exploiting an XML external entity (XXE) vulnerability.

Recommendations For versions 4.1.4 and lower, update to a version higher than 4.1.4 to resolve the issue. As a temporary workaround, consider restricting access to the XML request functionality to minimize the risk of exploitation.