Lexmark Scan To Network (SNF) 3.2.9 and previous versions stores network configuration credentials in plaintext and transmits them in requests, which allows remote malicious users to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lexmark scan to network |