Xerox

Workcentre Ec7856 Firmware

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-36201

  • EPSS 0.15%
  • Published 26.01.2021 18:15:55
  • Last modified 21.11.2024 05:29:00

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.

6.1

CVE-2020-26162

  • EPSS 0.31%
  • Published 09.10.2020 07:15:11
  • Last modified 21.11.2024 05:19:24

Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.

8.8

CVE-2020-9330

Exploit
  • EPSS 0.33%
  • Published 21.02.2020 23:15:11
  • Last modified 21.11.2024 05:40:25

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using defaul...

8.8

CVE-2018-20767

  • EPSS 1.69%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution.

9.8

CVE-2018-20768

  • EPSS 0.64%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writa...

7.5

CVE-2018-20769

  • EPSS 0.38%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.

9.8

CVE-2018-20770

  • EPSS 0.35%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:07

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.

9.8

CVE-2018-20771

  • EPSS 2.12%
  • Published 10.02.2019 17:29:00
  • Last modified 21.11.2024 04:02:08

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.