Lucene search

K

WorkCentre 6655 Security Vulnerabilities

cve
cve

CVE-2018-20768

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable...

9.8CVSS

9.6AI Score

0.003EPSS

2022-10-03 04:22 PM
27
cve
cve

CVE-2018-20769

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion...

7.5CVSS

8AI Score

0.002EPSS

2022-10-03 04:22 PM
31
cve
cve

CVE-2018-20767

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command...

8.8CVSS

9.2AI Score

0.002EPSS

2022-10-03 04:22 PM
20
cve
cve

CVE-2018-20770

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL...

9.8CVSS

9.7AI Score

0.001EPSS

2022-10-03 04:22 PM
22
cve
cve

CVE-2018-20771

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command...

9.8CVSS

9.7AI Score

0.004EPSS

2022-10-03 04:22 PM
19
cve
cve

CVE-2019-10881

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be...

9.8CVSS

9.4AI Score

0.002EPSS

2021-04-13 09:15 PM
32
5
cve
cve

CVE-2020-36201

An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856...

7.5CVSS

7.5AI Score

0.002EPSS

2021-01-26 06:15 PM
28
1
cve
cve

CVE-2016-11061

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the.....

9.8CVSS

9.7AI Score

0.002EPSS

2020-04-29 10:15 PM
23
cve
cve

CVE-2020-9330

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP....

8.8CVSS

8.7AI Score

0.001EPSS

2020-02-21 11:15 PM
106
cve
cve

CVE-2019-10880

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be...

9.8CVSS

9.7AI Score

0.002EPSS

2019-04-12 06:29 PM
40