cvedb.io
CVE-2017-13771
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-09-07T13:29:00.653 · Last modified 2026-06-17T01:05:08.960

Summary

Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet.

Affected products

lexmark — scan_to_network

Does this affect you?

Add your gear to cvedb and we'll alert you only when lexmark ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.