Lexmark.Markvision.GfdFileUploadServlet.Directory.Traversal
Description
This indicates an attack attempt against a Directory Traversal vulnerability in Lexmark MarkVision.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP packet. It allows a remote attacker to create files in the affected machine and execute arbitrary code in the vulnerable machine via crafted requests.
Affected Products
Lexmark MarkVision Enterprise prior to v2.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch for this issue
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-11-22 | 15.729 | Name:Lexmark. MarkVision. GfdFileUploadServlet. Directory. Traversal:Lexmark. Markvision. GfdFileUploadServlet. Directory. Traversal |
2019-01-03 | 13.517 | Sig Added |