Xerox

Workcentre 5890 Firmware

7 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-36201

  • EPSS 0.15%
  • Published 26.01.2021 18:15:55
  • Last modified 21.11.2024 05:29:00

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

10

CVE-2016-11061

  • EPSS 2.49%
  • Published 29.04.2020 22:15:11
  • Last modified 21.11.2024 02:45:24

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthe...

8.8

CVE-2018-20767

  • EPSS 1.69%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.

9.8

CVE-2018-20768

  • EPSS 0.64%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writa...

7.5

CVE-2018-20769

  • EPSS 0.38%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.

9.8

CVE-2018-20770

  • EPSS 0.35%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.

9.8

CVE-2018-20771

  • EPSS 2.12%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:08

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.