CVE-2021-42638
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
CVSS
8.1
High
EPSS
5.5%
p92
KEV
—
Exploit Today
28
0-100
Published: Feb 1, 2022 · Last modified: Jul 9, 2026 · CWE-77
5.5%EPSS · 30 days5.7%
2026-06-302026-07-16
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.
- portswigger.nethttps://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
- securityaffairs.cohttps://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
- thecyberthrone.inhttps://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
- www.printerlogic.comhttps://www.printerlogic.com/security-bulletin/
- www.securityweek.comhttps://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
- www.yahooinc.comhttps://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
- portswigger.nethttps://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints
- securityaffairs.cohttps://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html
- thecyberthrone.inhttps://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite
- www.printerlogic.comhttps://www.printerlogic.com/security-bulletin/
- www.securityweek.comhttps://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite
- www.yahooinc.comhttps://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-422718.8 HIG99.6%
KEV—80BerriAI LiteLLM Command Injection Vulnerability2dCVE-2023-349609.8 CRI99.9%
——30A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.8dCVE-2023-376799.8 CRI99.9%
——30A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.8dCVE-2026-80379.6 CRI98.6%
——30OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints3dCVE-2022-457018.8 HIG98.5%
——30Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.8dCVE-2023-337828.8 HIG98.3%
——30D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function.8d