Hardcoded APP_KEY in PrinterLogic Web Stack Allows Pre-Auth Remote Code Execution

Hardcoded APP_KEY in PrinterLogic Web Stack Allows Pre-Auth Remote Code Execution

CVE-2021-42635 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.

Learn more about our Web App Pen Testing.