Workcentre_5865_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Workcentre_5865_firmware
(Xerox)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	7

Date	Id	Summary	Products	Score	Patch	Annotated
2021-01-26	CVE-2020-36201	An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5945_firmware, Workcentre_5945i_firmware, Workcentre_5955_firmware, Workcentre_5955i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	7.5
2019-02-10	CVE-2018-20769	An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	7.5
2020-04-29	CVE-2016-11061	Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5945_firmware, Workcentre_5945i_firmware, Workcentre_5955_firmware, Workcentre_5955i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7200_firmware, Workcentre_7200i_firmware, Workcentre_7220_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7835_firmware, Workcentre_7845_firmware, Workcentre_7855_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware	N/A
2019-02-10	CVE-2018-20771	An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	9.8
2019-02-10	CVE-2018-20770	An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	9.8
2019-02-10	CVE-2018-20768	An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	9.8
2019-02-10	CVE-2018-20767	An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.	Workcentre_3655_firmware, Workcentre_3655i_firmware, Workcentre_5845_firmware, Workcentre_5865_firmware, Workcentre_5865i_firmware, Workcentre_5875_firmware, Workcentre_5875i_firmware, Workcentre_5890_firmware, Workcentre_5890i_firmware, Workcentre_5900_firmware, Workcentre_5900i_firmware, Workcentre_6655_firmware, Workcentre_6655i_firmware, Workcentre_7220_firmware, Workcentre_7220i_firmware, Workcentre_7225_firmware, Workcentre_7225i_firmware, Workcentre_7830_firmware, Workcentre_7830i_firmware, Workcentre_7835_firmware, Workcentre_7835i_firmware, Workcentre_7845_firmware, Workcentre_7845i_firmware, Workcentre_7855_firmware, Workcentre_7855i_firmware, Workcentre_7970_firmware, Workcentre_7970i_firmware, Workcentre_ec7836_firmware, Workcentre_ec7856_firmware	8.8