CVE-2021-44735

9.8

CRITICAL

Lexmark Devices Unauthenticated Command Injection Vulnerability

Description

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.

INFO

Published Date :

Jan. 20, 2022, 5:15 p.m.

Last Modified :

Nov. 21, 2024, 6:31 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9 Public PoC/Exploit Available at Github

CVE-2021-44735 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2021-44735 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Lexmark	cx820_firmware
2	Lexmark	cx825_firmware
3	Lexmark	cx860_firmware
4	Lexmark	xc4150_firmware
5	Lexmark	xc6152_firmware
6	Lexmark	xc8155_firmware
7	Lexmark	xc8160_firmware
8	Lexmark	b2236_firmware
9	Lexmark	b2338_firmware
10	Lexmark	b2442_firmware
11	Lexmark	b2546_firmware
12	Lexmark	b2650_firmware
13	Lexmark	b2865_firmware
14	Lexmark	b3340_firmware
15	Lexmark	b3442_firmware
16	Lexmark	c2240_firmware
17	Lexmark	c2325_firmware
18	Lexmark	c2326_firmware
19	Lexmark	c2425_firmware
20	Lexmark	c2535_firmware
21	Lexmark	c3224_firmware
22	Lexmark	c3326_firmware
23	Lexmark	c3426_firmware
24	Lexmark	c4150_firmware
25	Lexmark	c6160_firmware
26	Lexmark	c9235_firmware
27	Lexmark	cs331_firmware
28	Lexmark	cs421_firmware
29	Lexmark	cs431_firmware
30	Lexmark	cs439_firmware
31	Lexmark	cs521_firmware
32	Lexmark	cs622_firmware
33	Lexmark	cs720_firmware
34	Lexmark	cs725_firmware
35	Lexmark	cs727_firmware
36	Lexmark	cs728_firmware
37	Lexmark	cs820_firmware
38	Lexmark	cs827_firmware
39	Lexmark	cs921_firmware
40	Lexmark	cs923_firmware
41	Lexmark	cs927_firmware
42	Lexmark	cx331_firmware
43	Lexmark	cx421_firmware
44	Lexmark	cx431_firmware
45	Lexmark	cx522_firmware
46	Lexmark	cx622_firmware
47	Lexmark	cx625_firmware
48	Lexmark	cx725_firmware
49	Lexmark	cx727_firmware
50	Lexmark	cx920_firmware
51	Lexmark	cx921_firmware
52	Lexmark	cx922_firmware
53	Lexmark	cx923_firmware
54	Lexmark	cx924_firmware
55	Lexmark	m1242_firmware
56	Lexmark	m1246_firmware
57	Lexmark	m1342_firmware
58	Lexmark	m3250_firmware
59	Lexmark	m5255_firmware
60	Lexmark	m5270_firmware
61	Lexmark	mb2236_firmware
62	Lexmark	mb2338_firmware
63	Lexmark	mb2442_firmware
64	Lexmark	mb2546_firmware
65	Lexmark	mb2650_firmware
66	Lexmark	mb2770_firmware
67	Lexmark	mb3442_firmware
68	Lexmark	mc2325_firmware
69	Lexmark	mc2425_firmware
70	Lexmark	mc2535_firmware
71	Lexmark	mc2640_firmware
72	Lexmark	mc3224_firmware
73	Lexmark	mc3326_firmware
74	Lexmark	mc3426_firmware
75	Lexmark	ms321_firmware
76	Lexmark	ms331_firmware
77	Lexmark	ms421_firmware
78	Lexmark	ms431_firmware
79	Lexmark	ms521_firmware
80	Lexmark	ms621_firmware
81	Lexmark	ms622_firmware
82	Lexmark	ms725_firmware
83	Lexmark	ms821_firmware
84	Lexmark	ms822_firmware
85	Lexmark	ms823_firmware
86	Lexmark	ms825_firmware
87	Lexmark	ms826_firmware
88	Lexmark	mx321_firmware
89	Lexmark	mx331_firmware
90	Lexmark	mx421_firmware
91	Lexmark	mx431_firmware
92	Lexmark	mx521_firmware
93	Lexmark	mx522_firmware
94	Lexmark	mx622_firmware
95	Lexmark	mx721_firmware
96	Lexmark	mx722_firmware
97	Lexmark	mx822_firmware
98	Lexmark	mx826_firmware
99	Lexmark	xc2235_firmware
100	Lexmark	xc2326_firmware
101	Lexmark	xc4140_firmware
102	Lexmark	xc4143_firmware
103	Lexmark	xc4153_firmware
104	Lexmark	xc4240_firmware
105	Lexmark	xc6153_firmware
106	Lexmark	xc8163_firmware
107	Lexmark	xc9225_firmware
108	Lexmark	xc9235_firmware
109	Lexmark	xc9245_firmware
110	Lexmark	xc9255_firmware
111	Lexmark	xc9265_firmware
112	Lexmark	xm1242_firmware
113	Lexmark	xm1246_firmware
114	Lexmark	xm1342_firmware
115	Lexmark	xm3250_firmware
116	Lexmark	xm5365_firmware
117	Lexmark	xm7355_firmware
118	Lexmark	xm7370_firmware
119	Lexmark	c4150
120	Lexmark	xc4150
121	Lexmark	c6160
122	Lexmark	cx820
123	Lexmark	cx825
124	Lexmark	cx860
125	Lexmark	xc6152
126	Lexmark	xc8155
127	Lexmark	xc8160
128	Lexmark	mx321
129	Lexmark	mb2338
130	Lexmark	mx622
131	Lexmark	mb2442
132	Lexmark	mb2546
133	Lexmark	mb2650
134	Lexmark	xm3250
135	Lexmark	mb2770
136	Lexmark	xm7355
137	Lexmark	xm7370
138	Lexmark	cx421
139	Lexmark	mc2325
140	Lexmark	mc2425
141	Lexmark	cx522
142	Lexmark	mc2535
143	Lexmark	mc2640
144	Lexmark	xc2235
145	Lexmark	xc4240
146	Lexmark	b2236
147	Lexmark	mb2236
148	Lexmark	ms431
149	Lexmark	ms331
150	Lexmark	m1342
151	Lexmark	b3442
152	Lexmark	b3340
153	Lexmark	xm1342
154	Lexmark	mx331
155	Lexmark	mx431
156	Lexmark	mb3442
157	Lexmark	ms321
158	Lexmark	ms421
159	Lexmark	ms521
160	Lexmark	ms621
161	Lexmark	m1242
162	Lexmark	m1246
163	Lexmark	b2338
164	Lexmark	b2442
165	Lexmark	b2546
166	Lexmark	b2650
167	Lexmark	ms622
168	Lexmark	m3250
169	Lexmark	mx421
170	Lexmark	mx521
171	Lexmark	mx522
172	Lexmark	xm1242
173	Lexmark	xm1246
174	Lexmark	ms821
175	Lexmark	ms823
176	Lexmark	ms825
177	Lexmark	b2865
178	Lexmark	ms725
179	Lexmark	ms822
180	Lexmark	ms826
181	Lexmark	m5255
182	Lexmark	m5270
183	Lexmark	mx722
184	Lexmark	mx822
185	Lexmark	mx826
186	Lexmark	xm5365
187	Lexmark	mx721
188	Lexmark	c3426
189	Lexmark	c2326
190	Lexmark	cs431
191	Lexmark	cs439
192	Lexmark	cs331
193	Lexmark	c3224
194	Lexmark	c3326
195	Lexmark	mc3426
196	Lexmark	cx431
197	Lexmark	xc2326
198	Lexmark	mc3224
199	Lexmark	mc3326
200	Lexmark	cx331
201	Lexmark	cs622
202	Lexmark	c2240
203	Lexmark	cs421
204	Lexmark	cs521
205	Lexmark	c2325
206	Lexmark	c2425
207	Lexmark	c2535
208	Lexmark	cx622
209	Lexmark	cx625
210	Lexmark	cs827
211	Lexmark	xc6153
212	Lexmark	xc8163
213	Lexmark	cs820
214	Lexmark	cs720
215	Lexmark	cs725
216	Lexmark	cs727
217	Lexmark	cs728
218	Lexmark	cx725
219	Lexmark	cx727
220	Lexmark	xc4140
221	Lexmark	xc4143
222	Lexmark	xc4153
223	Lexmark	cs921
224	Lexmark	cs923
225	Lexmark	cs927
226	Lexmark	c9235
227	Lexmark	cx920
228	Lexmark	cx921
229	Lexmark	cx922
230	Lexmark	cx923
231	Lexmark	cx924
232	Lexmark	xc9225
233	Lexmark	xc9235
234	Lexmark	xc9245
235	Lexmark	xc9255
236	Lexmark	xc9265

: Total Affected Vendor : 1 | Products : 236

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-44735.

URL	Resource
https://support.lexmark.com/alerts/	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-326/	Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-329/	Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-330/	Third Party Advisory VDB Entry
https://support.lexmark.com/alerts/	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-326/	Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-329/	Third Party Advisory VDB Entry
https://www.zerodayinitiative.com/advisories/ZDI-22-330/	Third Party Advisory VDB Entry

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

defensor/CVE-2021-44735

Exploit for CVE-2021-44735

Python

Updated: 1 year, 3 months ago

7 stars 0 fork 0 watcher

Born at : July 20, 2023, 9:20 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-44735 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-44735 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	New Value
Added	Reference	https://support.lexmark.com/alerts/
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-326/
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-329/
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-330/

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

Modified Analysis by [email protected]

Mar. 17, 2022

Action	Type	Old Value	New Value
Changed	Reference Type	https://www.zerodayinitiative.com/advisories/ZDI-22-326/ No Types Assigned	https://www.zerodayinitiative.com/advisories/ZDI-22-326/ Third Party Advisory, VDB Entry
Changed	Reference Type	https://www.zerodayinitiative.com/advisories/ZDI-22-329/ No Types Assigned	https://www.zerodayinitiative.com/advisories/ZDI-22-329/ Third Party Advisory, VDB Entry
Changed	Reference Type	https://www.zerodayinitiative.com/advisories/ZDI-22-330/ No Types Assigned	https://www.zerodayinitiative.com/advisories/ZDI-22-330/ Third Party Advisory, VDB Entry

CVE Modified by [email protected]

Feb. 15, 2022

Action	Type	New Value
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-330/ [No Types Assigned]
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-326/ [No Types Assigned]
Added	Reference	https://www.zerodayinitiative.com/advisories/ZDI-22-329/ [No Types Assigned]

Initial Analysis by [email protected]

Jan. 27, 2022

Action	Type	Old Value	New Value
Added	CVSS V2		NIST (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed	Reference Type	https://support.lexmark.com/alerts/ No Types Assigned	https://support.lexmark.com/alerts/ Vendor Advisory
Added	CWE		NIST CWE-77
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2236_firmware::::::::* versions up to (excluding) mslsg.076.294 OR cpe:2.3:h:lexmark:b2236:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2236_firmware::::::::* versions up to (excluding) mxlsg.076.294 OR cpe:2.3:h:lexmark:mb2236:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms431_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:ms431:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms331_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:ms331:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m1342_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:m1342:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b3442_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:b3442:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b3340_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:b3340:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm1342_firmware::::::::* versions up to (excluding) mslbd.076.294 OR cpe:2.3:h:lexmark:xm1342:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx331_firmware::::::::* versions up to (excluding) mxlbd.076.294 OR cpe:2.3:h:lexmark:mx331:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx431_firmware::::::::* versions up to (excluding) mxlbd.076.294 OR cpe:2.3:h:lexmark:mx431:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb3442_firmware::::::::* versions up to (excluding) mxlbd.076.294 OR cpe:2.3:h:lexmark:mb3442:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms321_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:ms321:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms421_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:ms421:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms521_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:ms521:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms621_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:ms621:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m1242_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:m1242:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m1246_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:m1246:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2338_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:b2338:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2442_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:b2442:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2546_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:b2546:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2650_firmware::::::::* versions up to (excluding) msngm.076.294 OR cpe:2.3:h:lexmark:b2650:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms622_firmware::::::::* versions up to (excluding) mstgm.076.294 OR cpe:2.3:h:lexmark:ms622:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m3250_firmware::::::::* versions up to (excluding) mstgm.076.294 OR cpe:2.3:h:lexmark:m3250:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx321_firmware::::::::* versions up to (excluding) mxngm.076.294 OR cpe:2.3:h:lexmark:mx321:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2338_firmware::::::::* versions up to (excluding) mxngm.076.294 OR cpe:2.3:h:lexmark:mb2338:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx421_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mx421:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx521_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mx521:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx522_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mx522:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx622_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mx622:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm1242_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:xm1242:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm1246_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:xm1246:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm3250_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:xm3250:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2442_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mb2442:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2546_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mb2546:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2650_firmware::::::::* versions up to (excluding) mxtgm.076.294 OR cpe:2.3:h:lexmark:mb2650:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms821_firmware::::::::* versions up to (excluding) msngw.076.294 OR cpe:2.3:h:lexmark:ms821:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms823_firmware::::::::* versions up to (excluding) msngw.076.294 OR cpe:2.3:h:lexmark:ms823:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms825_firmware::::::::* versions up to (excluding) msngw.076.294 OR cpe:2.3:h:lexmark:ms825:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:b2865_firmware::::::::* versions up to (excluding) msngw.076.294 OR cpe:2.3:h:lexmark:b2865:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms725_firmware::::::::* versions up to (excluding) msngw.076.294 OR cpe:2.3:h:lexmark:ms725:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms822_firmware::::::::* versions up to (excluding) mstgw.076.294 OR cpe:2.3:h:lexmark:ms822:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:ms826_firmware::::::::* versions up to (excluding) mstgw.076.294 OR cpe:2.3:h:lexmark:ms826:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m5255_firmware::::::::* versions up to (excluding) mstgw.076.294 OR cpe:2.3:h:lexmark:m5255:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:m5270_firmware::::::::* versions up to (excluding) mstgw.076.294 OR cpe:2.3:h:lexmark:m5270:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx722_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:mx722:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx822_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:mx822:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx826_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:mx826:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm5365_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:xm5365:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm7355_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:xm7355:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xm7370_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:xm7370:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mb2770_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:mb2770:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mx721_firmware::::::::* versions up to (excluding) mxtgw.076.294 OR cpe:2.3:h:lexmark:mx721:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c3426_firmware::::::::* versions up to (excluding) cslbn.076.294 OR cpe:2.3:h:lexmark:c3426:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c2326_firmware::::::::* versions up to (excluding) cslbn.076.294 OR cpe:2.3:h:lexmark:c2326:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs431_firmware::::::::* versions up to (excluding) cslbn.076.294 OR cpe:2.3:h:lexmark:cs431:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs439_firmware::::::::* versions up to (excluding) cslbn.076.294 OR cpe:2.3:h:lexmark:cs439:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs331_firmware::::::::* versions up to (excluding) cslbl.076.294 OR cpe:2.3:h:lexmark:cs331:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c3224_firmware::::::::* versions up to (excluding) cslbl.076.294 OR cpe:2.3:h:lexmark:c3224:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c3326_firmware::::::::* versions up to (excluding) cslbl.076.294 OR cpe:2.3:h:lexmark:c3326:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc3426_firmware::::::::* versions up to (excluding) cxlbn.076.294 OR cpe:2.3:h:lexmark:mc3426:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx431_firmware::::::::* versions up to (excluding) cxlbn.076.294 OR cpe:2.3:h:lexmark:cx431:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc2326_firmware::::::::* versions up to (excluding) cxlbn.076.294 OR cpe:2.3:h:lexmark:xc2326:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc3426_firmware::::::::* versions up to (excluding) cxlbn.076.294 OR cpe:2.3:h:lexmark:mc3426:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc3224_firmware::::::::* versions up to (excluding) cxlbl.076.294 OR cpe:2.3:h:lexmark:mc3224:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc3326_firmware::::::::* versions up to (excluding) cxlbl.076.294 OR cpe:2.3:h:lexmark:mc3326:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx331_firmware::::::::* versions up to (excluding) cxlbl.076.294 OR cpe:2.3:h:lexmark:cx331:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs622_firmware::::::::* versions up to (excluding) cstzj.076.294 OR cpe:2.3:h:lexmark:cs622:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c2240_firmware::::::::* versions up to (excluding) cstzj.076.294 OR cpe:2.3:h:lexmark:c2240:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs421_firmware::::::::* versions up to (excluding) csnzj.076.294 OR cpe:2.3:h:lexmark:cs421:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs521_firmware::::::::* versions up to (excluding) csnzj.076.294 OR cpe:2.3:h:lexmark:cs521:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c2325_firmware::::::::* versions up to (excluding) csnzj.076.294 OR cpe:2.3:h:lexmark:c2325:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c2425_firmware::::::::* versions up to (excluding) csnzj.076.294 OR cpe:2.3:h:lexmark:c2425:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c2535_firmware::::::::* versions up to (excluding) csnzj.076.294 OR cpe:2.3:h:lexmark:c2535:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx522_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:cx522:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx622_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:cx622:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx625_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:cx625:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc2235_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:xc2235:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc4240_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:xc4240:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc2535_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:mc2535:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc2640_firmware::::::::* versions up to (excluding) cxtzj.076.294 OR cpe:2.3:h:lexmark:mc2640:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx421_firmware::::::::* versions up to (excluding) cxnzj.076.294 OR cpe:2.3:h:lexmark:cx421:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc2325_firmware::::::::* versions up to (excluding) cxnzj.076.294 OR cpe:2.3:h:lexmark:mc2325:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:mc2425_firmware::::::::* versions up to (excluding) cxnzj.076.294 OR cpe:2.3:h:lexmark:mc2425:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx820_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:cx820:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx825_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:cx825:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs827_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:cs827:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx860_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:cx860:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc6152_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:xc6152:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc6153_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:xc6153:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc8155_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:xc8155:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc8160_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:xc8160:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc8163_firmware::::::::* versions up to (excluding) cxtpp.076.294 OR cpe:2.3:h:lexmark:xc8163:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs820_firmware::::::::* versions up to (excluding) cstpp.076.294 OR cpe:2.3:h:lexmark:cs820:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs827_firmware::::::::* versions up to (excluding) cstpp.076.294 OR cpe:2.3:h:lexmark:cs827:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c6160_firmware::::::::* versions up to (excluding) cstpp.076.294 OR cpe:2.3:h:lexmark:c6160:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs720_firmware::::::::* versions up to (excluding) cstat.076.294 OR cpe:2.3:h:lexmark:cs720:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs725_firmware::::::::* versions up to (excluding) cstat.076.294 OR cpe:2.3:h:lexmark:cs725:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs727_firmware::::::::* versions up to (excluding) cstat.076.294 OR cpe:2.3:h:lexmark:cs727:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs728_firmware::::::::* versions up to (excluding) cstat.076.294 OR cpe:2.3:h:lexmark:cs728:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c4150_firmware::::::::* versions up to (excluding) cstat.076.294 OR cpe:2.3:h:lexmark:c4150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx725_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:cx725:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx727_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:cx727:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc4140_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:xc4140:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc4143_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:xc4143:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc4150_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:xc4150:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc4153_firmware::::::::* versions up to (excluding) cxtat.076.294 OR cpe:2.3:h:lexmark:xc4153:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs921_firmware::::::::* versions up to (excluding) cstmh.076.294 OR cpe:2.3:h:lexmark:cs921:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs923_firmware::::::::* versions up to (excluding) cstmh.076.294 OR cpe:2.3:h:lexmark:cs923:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cs927_firmware::::::::* versions up to (excluding) cstmh.076.294 OR cpe:2.3:h:lexmark:cs927:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:c9235_firmware::::::::* versions up to (excluding) cstmh.076.294 OR cpe:2.3:h:lexmark:c9235:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx920_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:cx920:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx921_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:cx921:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx922_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:cx922:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx923_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:cx923:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:cx924_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:cx924:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc9225_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:xc9225:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc9235_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:xc9235:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc9245_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:xc9245:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc9255_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:xc9255:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:lexmark:xc9265_firmware::::::::* versions up to (excluding) cxtmh.076.294 OR cpe:2.3:h:lexmark:xc9265:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-44735 is associated with the following CWEs:

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-44735 weaknesses.

CAPEC-15: Command Delimiters Command Delimiters CAPEC-40: Manipulating Writeable Terminal Devices Manipulating Writeable Terminal Devices CAPEC-43: Exploiting Multiple Input Interpretation Layers Exploiting Multiple Input Interpretation Layers CAPEC-75: Manipulating Writeable Configuration Files Manipulating Writeable Configuration Files CAPEC-76: Manipulating Web Input to File System Calls Manipulating Web Input to File System Calls CAPEC-136: LDAP Injection LDAP Injection CAPEC-183: IMAP/SMTP Command Injection IMAP/SMTP Command Injection CAPEC-248: Command Injection Command Injection

CVE-2021-44735

Lexmark Devices Unauthenticated Command Injection Vulnerability

Description

INFO

Jan. 20, 2022, 5:15 p.m.

Nov. 21, 2024, 6:31 a.m.

[email protected]

Yes !

5.9

3.9

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

defensor/CVE-2021-44735

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

10.08 }} 7.33%

0.94901

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable