CVE-2023-30759

HIGH Year: 2023
CVSS v3 Score
8.4
High
Weakness Type
CWE-345
View all →

Vulnerability Description

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an unexpected process with the administrative privilege. If a non-administrative user modifies the driver installation package and runs it on the target PC, an arbitrary program may be executed with the administrative privilege.

Related Vulnerabilities

CVE-2025-24903

HIGH
CVSS:8.5(High)

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0...

CWE-3452025

CVE-2016-4553

HIGH
CVSS:8.6(High)

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via...

CWE-3452016

CVE-2016-4554

HIGH
CVSS:8.6(High)

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smu...

CWE-3452016

CVE-2018-10080

HIGH
CVSS:8.6(High)

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.

CWE-3452018

CVE-2021-1586

HIGH
CVSS:8.6(High)

A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remot...

CWE-3452021

CVE-2022-26122

HIGH
CVSS:8.6(High)

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker...

CWE-3452022