← Back

Repetier Server

repetier-server

Vendor: Repetier Server • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-31061
1Repetier Server
1Repetier Server
Feb 4, 2025
Apr 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Repetier Server through 1.4.10 does not have CSRF protection.
CVE-2023-31060
1Repetier Server
1Repetier Server
Feb 4, 2025
Apr 24, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.
CVE-2023-31059
1Repetier Server
1Repetier Server
Feb 4, 2025
Apr 24, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.
CVE-2019-14450
1Repetier Server
1Repetier Server
Jun 17, 2026
Oct 28, 2019
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined wit...Show more
A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.Show less
CVE-2019-14451
1Repetier Server
1Repetier Server
Jun 17, 2026
Oct 25, 2019
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upl...Show more
RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart.Show less