Arbitrary File Write and Execution Vulnerability in Lexmark Markvision Enterprise

CVE-2014-9375 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.

Learn more about our User Device Pen Test.