|
2020-02-21
|
CVE-2020-9330
|
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer...
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5855_firmware, Workcentre_5945_firmware, Workcentre_5955_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7225_firmware, Workcentre_7830_firmware, Workcentre_7835_firmware, Workcentre_7845_firmware, Workcentre_7855_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
8.8
|
|
|
|
2019-02-10
|
CVE-2018-20769
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
7.5
|
|
|
|
2019-02-10
|
CVE-2018-20771
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
9.8
|
|
|
|
2019-02-10
|
CVE-2018-20770
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
9.8
|
|
|
|
2019-02-10
|
CVE-2018-20768
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
9.8
|
|
|
|
2019-02-10
|
CVE-2018-20767
|
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.
|
Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware
|
8.8
|
|
|