CVE-2024-22076

MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
myq-solutionprint_server
𝑥
< 8.2
myq-solutionprint_server
8.2
myq-solutionprint_server
8.2:beta1
myq-solutionprint_server
8.2:patch1
myq-solutionprint_server
8.2:patch10
myq-solutionprint_server
8.2:patch11
myq-solutionprint_server
8.2:patch12
myq-solutionprint_server
8.2:patch13
myq-solutionprint_server
8.2:patch14
myq-solutionprint_server
8.2:patch15
myq-solutionprint_server
8.2:patch16
myq-solutionprint_server
8.2:patch17
myq-solutionprint_server
8.2:patch18
myq-solutionprint_server
8.2:patch19
myq-solutionprint_server
8.2:patch2
myq-solutionprint_server
8.2:patch20
myq-solutionprint_server
8.2:patch21
myq-solutionprint_server
8.2:patch22
myq-solutionprint_server
8.2:patch23
myq-solutionprint_server
8.2:patch24
myq-solutionprint_server
8.2:patch25
myq-solutionprint_server
8.2:patch26
myq-solutionprint_server
8.2:patch27
myq-solutionprint_server
8.2:patch28
myq-solutionprint_server
8.2:patch29
myq-solutionprint_server
8.2:patch3
myq-solutionprint_server
8.2:patch30
myq-solutionprint_server
8.2:patch31
myq-solutionprint_server
8.2:patch32
myq-solutionprint_server
8.2:patch33
myq-solutionprint_server
8.2:patch34
myq-solutionprint_server
8.2:patch35
myq-solutionprint_server
8.2:patch36
myq-solutionprint_server
8.2:patch37
myq-solutionprint_server
8.2:patch38
myq-solutionprint_server
8.2:patch39
myq-solutionprint_server
8.2:patch4
myq-solutionprint_server
8.2:patch40
myq-solutionprint_server
8.2:patch41
myq-solutionprint_server
8.2:patch42
myq-solutionprint_server
8.2:patch5
myq-solutionprint_server
8.2:patch6
myq-solutionprint_server
8.2:patch7
myq-solutionprint_server
8.2:patch8
myq-solutionprint_server
8.2:patch9
myq-solutionprint_server
8.2:rc1
myq-solutionprint_server
8.2:rc2
myq-solutionprint_server
8.2:rc3
𝑥
= Vulnerable software versions
References
https://docs.myq-solution.com/en/print-server/8.2/
https://docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29
https://www.access42.nl/nieuws/unmasking-web-vulnerabilities-a-tale-of-default-admin-credentials-and-php-command-execution-cve-2024-22076/
https://docs.myq-solution.com/en/print-server/8.2/
https://docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29
https://www.access42.nl/nieuws/unmasking-web-vulnerabilities-a-tale-of-default-admin-credentials-and-php-command-execution-cve-2024-22076/