CVE-2021-44735
Description
A command injection vulnerability in Lexmark MC3224i printers allows authenticated, network-adjacent attackers to execute arbitrary code as the www-data user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
CVE-2021-44735 is a command injection vulnerability in the embedded web server of Lexmark printers, specifically the MC3224i model. The flaw exists in the packet capture functionality; when parsing the filter property, the system fails to properly validate a user-supplied string before using it to execute a system call [1]. This vulnerability affects Lexmark devices through 2021-12-07 [2] [3].
Exploitation
An attacker must have network-adjacent access to the device and possess valid credentials, although the existing authentication mechanism can be bypassed [1]. Once authenticated, the attacker sends specially crafted input to the filter property to inject commands that are executed during the processing of packet captures [1].
Impact
Successful exploitation allows an attacker to execute arbitrary code on the printer in the context of the www-data user [1]. The CVSS score is 5.5 (AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L), indicating limited impact on confidentiality, integrity, and availability [1].
Mitigation
Lexmark has issued an update to address this vulnerability [2][3]. Affected users should apply the latest firmware from Lexmark's security advisories page [4]. No workarounds have been publicly documented.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Lexmark/devices (description)
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- support.lexmark.com/alerts/ (mitre, x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-22-326/ (mitre, x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-22-329/ (mitre, x_refsource_MISC)
- www.zerodayinitiative.com/advisories/ZDI-22-330/ (mitre, x_refsource_MISC)
News mentions
No linked articles in our index yet.