Vasion Print (formerly PrinterLogic) Dangerous PHP Dead Code Enables RCE

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (VA and SaaS deployments) contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php (found in several containers) lacks authentication checks and, when executed, performs a SQL update that sets the database administrator username to 'root' and its password hash to the SHA-512 hash of the string 'password'. Separately, commented-out code in /var/www/app/lib/common/oses.php would unserialize session data (unserialize($_SESSION['osdata']))—a pattern that can enable remote code execution if re-enabled or reached with attacker-controlled serialized data. An attacker able to reach the resetroot.php endpoint can trivially reset the MySQL root password and obtain full database control; combined with deserialization issues this can lead to full remote code execution and system compromise. This vulnerability has been identified by the vendor as: V-2023-003 — Dead / Insecure PHP Code.

N/A

死代码

Vasion Print和Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print和Vasion Print Virtual Appliance Host都是Vasion公司的产品。Vasion Print是一款基于 SaaS 的云托管应用程序，用于管理和部署打印机。Vasion Print Virtual Appliance Host是一个打印管理软件。 Vasion Print Virtual Appliance Host 22.0.843之前版本和Vasion Print Application 20.0.1923版本存在安全漏洞，该漏洞源于/var/ww

N/A

N/A