CVE-2017-20156

CVSS V2 None CVSS V3 None
Description
A vulnerability was found in Exciting Printer and classified as critical. This issue affects some unknown processing of the file lib/printer/jobs/prepare_page.rb of the component Argument Handler. The manipulation of the argument URL leads to command injection. The name of the patch is 5f8c715d6e2cc000f621a6833f0a86a673462136. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217139.
Overview
  • CVE ID
  • CVE-2017-20156
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-31T10:15:09
  • Last Modified Date
  • 2023-01-06T21:34:48
Weakness Enumerations
CWE URL
CWE-77 http://cwe.mitre.org/data/definitions/77.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:printer_project:printer:*:*:*:*:*:*:*:* 1 OR 2017-07-08
References
Reference URL Reference Tags
https://github.com/exciting-io/printer/commit/5f8c715d6e2cc000f621a6833f0a86a673462136
https://github.com/exciting-io/printer/issues/56
https://vuldb.com/?ctiid.217139
https://vuldb.com/?id.217139
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2017-20156
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20156
History
Created Old Value New Value Data Type Notes
2022-12-31 11:14:38 Added to TrackCVE
2022-12-31 11:14:38 Weakness Enumeration new
2023-01-02 17:14:41 2023-01-02T16:16:53 CVE Modified Date updated
2023-01-02 17:14:41 Received Awaiting Analysis Vulnerability Status updated
2023-01-02 17:14:42 CVSS V3 information new
2023-01-02 17:14:42 CVSS V2 information new
2023-01-05 16:20:27 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-05 16:20:29 CVSS V3 information new
2023-01-05 16:20:29 CVSS V2 information new
2023-01-06 22:18:09 2023-01-06T21:34:48 CVE Modified Date updated
2023-01-06 22:18:09 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-06 22:18:11 CPE Information updated
2023-01-06 22:18:11 CVSS V3 information new
2023-01-06 22:18:11 CVSS V2 information new