PT-2026-20415 · Unknown+1 · Amr Printer Management+1
Published
2026-02-18
·
Updated
2026-02-18
·
CVE-2026-2464
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
AMR Printer Management version 1.01 Beta
Description
A path traversal condition exists in the AMR Printer Management 1.01 Beta web service. This allows remote attackers to read arbitrary files from the underlying Windows system by using specially crafted path traversal sequences in requests directed to the web management service. The service is accessible without authentication and operates with elevated privileges. Exploitation of this condition could lead to the unauthorized disclosure of internal system information. The vulnerability involves using path traversal payloads to access sensitive and privileged files on the system.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amr Printer Management
Windows