Critical Vulnerabilities in PrinterLogic’s Enterprise Printer Solution Pose Major Security Risks
Security researchers at the Australian employment marketplace Seek have uncovered a series of alarming vulnerabilities in PrinterLogic‘s enterprise management printer solution.
These flaws, which include SQL injection, cross-site scripting (XSS), and authentication bypass, have the potential to expose organizations too numerous kinds of assaults. This investigation raises major concerns about the security of PrinterLogic‘s platform with a total of 18 vulnerabilities found.
Authentication Bypass and Configuration Modification
The researchers found several critical flaws, including an authentication bypass vulnerability that enables unauthorized third parties to access administration scripts and change the settings of the service. Unauthenticated access is accessible via direct URLs to some PHP files since there is no centralized mechanism for handling authentication and authorization.
SQL Injection and XSS Exploitation
Additionally, the platform has a weak defense against SQL injection, making it susceptible to data breaches. Additionally, numerous cross-site scripting problems were discovered, which might allow administrator accounts to be taken over by leaking user session cookies. Additionally, attackers in possession of a session ID are able to bypass authentication because there isn’t a fresh session identification created after login.
Inadequate Password Protection and Credential Exposure
Concerning password security procedures were uncovered by the researchers, such as logging password-containing queries in plaintext and storing passwords using unsalted SHA1 hashing. Double base64 encoding is used by the program to obfuscate the transfer of usernames and passwords, which can be readily undone by attackers.
Our Readers ALSO READBarracuda’s Warning of Zero-Day Exploitation
Additional Security Weaknesses
Other security flaws were discovered as a result of the investigation, including the fact that most forms lack enforced cross-site request forgery (CSRF) checks, administrators can upload printer drivers that have known security flaws, and sufficient authorization checks are not in place. The program also includes an arbitrary URL in an iframe that could lead to unsafe file downloads and allows user emails to be enumerated using the “forgot password” feature.
Vendor Response and Patch Availability
Although the responsible disclosure procedure was started in February, PrinterLogic has not yet specified a deadline for releasing fixes. Even though the corporation admitted that several vulnerabilities involve legacy code, there are worries that at least one bug might not be fixed.
Due to the found flaws, PrinterLogic‘s enterprise management printer solution is extremely vulnerable to security threats. Organizations utilizing the platform must be on guard and take the necessary precautions to reduce risks. To protect the data of its clients and stop hostile exploitation, PrinterLogic must make fixing these vulnerabilities a top priority.