PT-2023-25760 · Adm · Adm
Published
2023-08-17
·
Updated
2023-08-23
·
CVE-2023-3698
CVSS v3.1
8.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ADM versions 4.0.6.RIS1 through 4.1.0
ADM versions 4.2.2.RI61 and below
Description
The printer service fails to adequately handle user input, allowing remote unauthorized users to navigate beyond the intended directory structure and delete files.
Recommendations
For ADM versions 4.0.6.RIS1 through 4.1.0, update to a version above 4.1.0 to resolve the issue.
For ADM versions 4.2.2.RI61 and below, update to a version above 4.2.2.RI61 to resolve the issue.
As a temporary workaround, consider restricting access to the printer service to minimize the risk of exploitation.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Adm