CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.

Published: Jan 20, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-44737
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 8.3
AV:A/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
lexmark / b2236_firmware	-	mslsg.076.294
lexmark / mb2236_firmware	-	mxlsg.076.294
lexmark / ms431_firmware	-	mslbd.076.294
lexmark / ms331_firmware	-	mslbd.076.294
lexmark / m1342_firmware	-	mslbd.076.294
lexmark / b3442_firmware	-	mslbd.076.294
lexmark / b3340_firmware	-	mslbd.076.294
lexmark / xm1342_firmware	-	mslbd.076.294
lexmark / mx331_firmware	-	mxlbd.076.294
lexmark / mx431_firmware	-	mxlbd.076.294
lexmark / mb3442_firmware	-	mxlbd.076.294
lexmark / ms321_firmware	-	msngm.076.294
lexmark / ms421_firmware	-	msngm.076.294
lexmark / ms521_firmware	-	msngm.076.294
lexmark / ms621_firmware	-	msngm.076.294
lexmark / m1242_firmware	-	msngm.076.294
lexmark / m1246_firmware	-	msngm.076.294
lexmark / b2338_firmware	-	msngm.076.294
lexmark / b2442_firmware	-	msngm.076.294
lexmark / b2546_firmware	-	msngm.076.294
lexmark / b2650_firmware	-	msngm.076.294
lexmark / ms622_firmware	-	mstgm.076.294
lexmark / m3250_firmware	-	mstgm.076.294
lexmark / mx321_firmware	-	mxngm.076.294
lexmark / mb2338_firmware	-	mxngm.076.294
lexmark / mx421_firmware	-	mxtgm.076.294
lexmark / mx521_firmware	-	mxtgm.076.294
lexmark / mx522_firmware	-	mxtgm.076.294
lexmark / mx622_firmware	-	mxtgm.076.294
lexmark / xm1242_firmware	-	mxtgm.076.294
lexmark / xm1246_firmware	-	mxtgm.076.294
lexmark / xm3250_firmware	-	mxtgm.076.294
lexmark / mb2442_firmware	-	mxtgm.076.294
lexmark / mb2546_firmware	-	mxtgm.076.294
lexmark / mb2650_firmware	-	mxtgm.076.294
lexmark / ms821_firmware	-	msngw.076.294
lexmark / ms823_firmware	-	msngw.076.294
lexmark / ms825_firmware	-	msngw.076.294
lexmark / b2865_firmware	-	msngw.076.294
lexmark / ms725_firmware	-	msngw.076.294
lexmark / ms822_firmware	-	mstgw.076.294
lexmark / ms826_firmware	-	mstgw.076.294
lexmark / m5255_firmware	-	mstgw.076.294
lexmark / m5270_firmware	-	mstgw.076.294
lexmark / mx722_firmware	-	mxtgw.076.294
lexmark / mx822_firmware	-	mxtgw.076.294
lexmark / mx826_firmware	-	mxtgw.076.294
lexmark / xm5365_firmware	-	mxtgw.076.294
lexmark / xm7355_firmware	-	mxtgw.076.294
lexmark / xm7370_firmware	-	mxtgw.076.294
lexmark / mb2770_firmware	-	mxtgw.076.294
lexmark / mx721_firmware	-	mxtgw.076.294
lexmark / c3426_firmware	-	cslbn.076.294
lexmark / c2326_firmware	-	cslbn.076.294
lexmark / cs431_firmware	-	cslbn.076.294
lexmark / cs439_firmware	-	cslbn.076.294
lexmark / cs331_firmware	-	cslbl.076.294
lexmark / c3224_firmware	-	cslbl.076.294
lexmark / c3326_firmware	-	cslbl.076.294
lexmark / mc3426_firmware	-	cxlbn.076.294
lexmark / cx431_firmware	-	cxlbn.076.294
lexmark / xc2326_firmware	-	cxlbn.076.294
lexmark / mc3224_firmware	-	cxlbl.076.294
lexmark / mc3326_firmware	-	cxlbl.076.294
lexmark / cx331_firmware	-	cxlbl.076.294
lexmark / cs622_firmware	-	cstzj.076.294
lexmark / c2240_firmware	-	cstzj.076.294
lexmark / cs421_firmware	-	csnzj.076.294
lexmark / cs521_firmware	-	csnzj.076.294
lexmark / c2325_firmware	-	csnzj.076.294
lexmark / c2425_firmware	-	csnzj.076.294
lexmark / c2535_firmware	-	csnzj.076.294
lexmark / cx522_firmware	-	cxtzj.076.294
lexmark / cx622_firmware	-	cxtzj.076.294
lexmark / cx625_firmware	-	cxtzj.076.294
lexmark / xc2235_firmware	-	cxtzj.076.294
lexmark / xc4240_firmware	-	cxtzj.076.294
lexmark / mc2535_firmware	-	cxtzj.076.294
lexmark / mc2640_firmware	-	cxtzj.076.294
lexmark / cx421_firmware	-	cxnzj.076.294
lexmark / mc2325_firmware	-	cxnzj.076.294
lexmark / mc2425_firmware	-	cxnzj.076.294
lexmark / cx820_firmware	-	cxtpp.076.294
lexmark / cx825_firmware	-	cxtpp.076.294
lexmark / cs827_firmware	-	cxtpp.076.294
lexmark / cx860_firmware	-	cxtpp.076.294
lexmark / xc6152_firmware	-	cxtpp.076.294
lexmark / xc6153_firmware	-	cxtpp.076.294
lexmark / xc8155_firmware	-	cxtpp.076.294
lexmark / xc8160_firmware	-	cxtpp.076.294
lexmark / xc8163_firmware	-	cxtpp.076.294
lexmark / cs820_firmware	-	cstpp.076.294
lexmark / cs827_firmware	-	cstpp.076.294
lexmark / c6160_firmware	-	cstpp.076.294
lexmark / cs720_firmware	-	cstat.076.294
lexmark / cs725_firmware	-	cstat.076.294
lexmark / cs727_firmware	-	cstat.076.294
lexmark / cs728_firmware	-	cstat.076.294
lexmark / c4150_firmware	-	cstat.076.294
lexmark / cx725_firmware	-	cxtat.076.294
lexmark / cx727_firmware	-	cxtat.076.294
lexmark / xc4140_firmware	-	cxtat.076.294
lexmark / xc4143_firmware	-	cxtat.076.294
lexmark / xc4150_firmware	-	cxtat.076.294
lexmark / xc4153_firmware	-	cxtat.076.294
lexmark / cs921_firmware	-	cstmh.076.294
lexmark / cs923_firmware	-	cstmh.076.294
lexmark / cs927_firmware	-	cstmh.076.294
lexmark / c9235_firmware	-	cstmh.076.294
lexmark / cx920_firmware	-	cxtmh.076.294
lexmark / cx921_firmware	-	cxtmh.076.294
lexmark / cx922_firmware	-	cxtmh.076.294
lexmark / cx923_firmware	-	cxtmh.076.294
lexmark / cx924_firmware	-	cxtmh.076.294
lexmark / xc9225_firmware	-	cxtmh.076.294
lexmark / xc9235_firmware	-	cxtmh.076.294
lexmark / xc9245_firmware	-	cxtmh.076.294
lexmark / xc9255_firmware	-	cxtmh.076.294
lexmark / xc9265_firmware	-	cxtmh.076.294
lexmark / ms310_firmware	-	lw80.prl.p210
lexmark / ms312_firmware	-	lw80.prl.p210
lexmark / ms317_firmware	-	lw80.prl.p210
lexmark / ms410_firmware	-	lw80.prl.p210
lexmark / m1140_firmware	-	lw80.prl.p210
lexmark / ms315_firmware	-	lw80.tl2.p210
lexmark / ms415_firmware	-	lw80.tl2.p210
lexmark / ms417_firmware	-	lw80.tl2.p210
lexmark / ms510_firmware	-	lw80.pr2.p210
lexmark / ms517_firmware	-	lw80.pr2.p210
lexmark / ms617_firmware	-	lw80.pr2.p210
lexmark / ms610dn_firmware	-	lw80.pr2.p210
lexmark / m1140+_firmware	-	lw80.pr2.p210
lexmark / m1145_firmware	-	lw80.pr2.p210
lexmark / m3150dn_firmware	-	lw80.pr2.p210
lexmark / ms610de_firmware	-	lw80.pr4.p210
lexmark / m3150de_firmware	-	lw80.pr4.p210
lexmark / mx310_firmware	-	lw80.sb2.p210
lexmark / mx317_firmware	-	lw80.sb2.p210
lexmark / xm1135_firmware	-	lw80.sb2.p210
lexmark / mx410_firmware	-	lw80.sb4.p210
lexmark / mx417_firmware	-	lw80.sb4.p210
lexmark / mx510_firmware	-	lw80.sb4.p210
lexmark / mx511_firmware	-	lw80.sb4.p210
lexmark / mx517_firmware	-	lw80.sb4.p210
lexmark / xm1140_firmware	-	lw80.sb4.p210
lexmark / xm1145_firmware	-	lw80.sb4.p210
lexmark / xm3150_firmware	-	lw80.sb7.p210
lexmark / mx610_firmware	-	lw80.sb7.p210
lexmark / mx611_firmware	-	lw80.sb7.p210
lexmark / mx617_firmware	-	lw80.sb7.p210
lexmark / m5163dn_firmware	-	lw80.dn2.p210
lexmark / ms710_firmware	-	lw80.dn2.p210
lexmark / ms711_firmware	-	lw80.dn2.p210
lexmark / ms810dn_firmware	-	lw80.dn2.p210
lexmark / ms811_firmware	-	lw80.dn2.p210
lexmark / ms812dn_firmware	-	lw80.dn2.p210
lexmark / ms817_firmware	-	lw80.dn2.p210
lexmark / ms818_firmware	-	lw80.dn2.p210
lexmark / ms810de_firmware	-	lw80.dn4.p210
lexmark / m5155_firmware	-	lw80.dn4.p210
lexmark / m5163de_firmware	-	lw80.dn4.p210
lexmark / ms812de_firmware	-	lw80.dn7.p210
lexmark / m5170_firmware	-	lw80.dn7.p210
lexmark / mx710_firmware	-	lw80.tu.p210
lexmark / mx711_firmware	-	lw80.tu.p210
lexmark / mx717_firmware	-	lw80.tu.p210
lexmark / mx718_firmware	-	lw80.tu.p210
lexmark / mx810_firmware	-	lw80.tu.p210
lexmark / mx811_firmware	-	lw80.tu.p210
lexmark / mx812_firmware	-	lw80.tu.p210
lexmark / xm5163_firmware	-	lw80.tu.p210
lexmark / xm5170_firmware	-	lw80.tu.p210
lexmark / xm5263_firmware	-	lw80.tu.p210
lexmark / xm5270_firmware	-	lw80.tu.p210
lexmark / xm7155_firmware	-	lw80.tu.p210
lexmark / xm7163_firmware	-	lw80.tu.p210
lexmark / xm7170_firmware	-	lw80.tu.p210
lexmark / xm7263_firmware	-	lw80.tu.p210
lexmark / xm7270_firmware	-	lw80.tu.p210
lexmark / ms911_firmware	-	lw80.sa.p210
lexmark / mx910_firmware	-	lw80.mg.p210
lexmark / mx911_firmware	-	lw80.mg.p210
lexmark / mx912_firmware	-	lw80.mg.p210
lexmark / xm9145_firmware	-	lw80.mg.p210
lexmark / xm9155_firmware	-	lw80.mg.p210
lexmark / xm9165_firmware	-	lw80.mg.p210
lexmark / mx6500e_firmware	-	lw80.jd.p210
lexmark / cs310_firmware	-	lw80.vyl.p210
lexmark / cs317_firmware	-	lw80.vyl.p210
lexmark / cs417_firmware	-	lw80.vy2.p210
lexmark / cs410_firmware	-	lw80.vy2.p210
lexmark / cs510_firmware	-	lw80.vy4.p210
lexmark / cs517_firmware	-	lw80.vy4.p210
lexmark / c2132_firmware	-	lw80.vy4.p210
lexmark / cx310_firmware	-	lw80.gm2.p210
lexmark / cx317_firmware	-	lw80.gm2.p210
lexmark / cx410_firmware	-	lw80.gm4.p210
lexmark / cx417_firmware	-	lw80.gm4.p210
lexmark / xc2130_firmware	-	lw80.gm4.p210
lexmark / cx510_firmware	-	lw80.gm7.p210
lexmark / cx517_firmware	-	lw80.gm7.p210
lexmark / xc2132_firmware	-	lw80.gm7.p210
lexmark / c746_firmware	-	lhs60.cm2.p753
lexmark / c748_firmware	-	lhs60.cm4.p753
lexmark / cs748_firmware	-	lhs60.cm4.p753
lexmark / c792_firmware	-	lhs60.hc.p753
lexmark / cs796_firmware	-	lhs60.hc.p753
lexmark / c925_firmware	-	lhs60.hv.p753
lexmark / c950_firmware	-	lhs60.tp.p753
lexmark / x548_firmware	-	lhs60.vk.p753
lexmark / xs548_firmware	-	lhs60.vk.p753
lexmark / x746_firmware	-	lhs60.ny.p753
lexmark / x748_firmware	-	lhs60.ny.p753
lexmark / xs748_firmware	-	lhs60.ny.p753
lexmark / x792_firmware	-	lhs60.mr.p753
lexmark / xs795_firmware	-	lhs60.mr.p753
lexmark / xs796_firmware	-	lhs60.mr.p753
lexmark / xs798_firmware	-	lhs60.mr.p753
lexmark / x925_firmware	-	lhs60.hk.p753
lexmark / xs925_firmware	-	lhs60.hk.p753
lexmark / x950_firmware	-	lhs60.tq.p753
lexmark / x952_firmware	-	lhs60.tq.p753
lexmark / x954_firmware	-	lhs60.tq.p753
lexmark / xs950_firmware	-	lhs60.tq.p753
lexmark / xs955_firmware	-	lhs60.tq.p753
lexmark / 6500e_firmware	-	lhs60.jr.p753
lexmark / c734_firmware	-	lr.sk.p835
lexmark / c736_firmware	-	lr.ske.p835
lexmark / e46x_firmware	-	lr.lbh.p835
lexmark / t65x_firmware	-	lr.jp.p835
lexmark / x46x_firmware	-	lr.bs.p835
lexmark / x65x_firmware	-	lr.mn.p835
lexmark / x73x_firmware	-	lr.fl.p835
lexmark / w850_firmware	-	lp.jb.p834
lexmark / x86x_firmware	-	lp.sp.p834

Vulnerability Database

290,206

CVE-2021-44737