Lucene search
+L

235 matches found

prion
prion
added 2020/03/10 1:15 p.m.26 views

Directory traversal

Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...

5CVSS7.6AI score0.01655EPSS
Exploits0References2Affected Software49
cvelist
cvelist
added 2020/03/10 12:50 p.m.24 views

CVE-2018-18894

Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...

7.6AI score0.01655EPSS
Exploits0References2
nvd
nvd
added 2020/03/06 10:15 p.m.22 views

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

5.4CVSS5.3AI score0.00653EPSS
Exploits0References1
osv
osv
added 2020/03/06 10:15 p.m.4 views

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

5.4CVSS6.1AI score0.00653EPSS
Exploits0References1
osv
osv
added 2020/03/06 10:15 p.m.2 views

CVE-2019-19773

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

5.4CVSS6.1AI score0.00653EPSS
Exploits0References1
prion
prion
added 2020/03/06 10:15 p.m.18 views

Cross site scripting

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

3.5CVSS5.3AI score0.00653EPSS
Exploits0References1Affected Software80
prion
prion
added 2020/03/06 10:15 p.m.13 views

Cross site scripting

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

3.5CVSS5.2AI score0.00653EPSS
Exploits0References1Affected Software80
cve
cve
added 2020/03/06 9:1 p.m.149 views

CVE-2019-19772

CVE-2019-19772 affects Lexmark printers with an embedded web server that is vulnerable to reflected Cross-Site Scripting (XSS). Root cause: lack of proper validation of client-side data in the web application, enabling an attacker to inject and execute script in a user’s browser. Impact per sourc...

5.4CVSS5.3AI score0.00653EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/03/06 9:1 p.m.23 views

CVE-2019-19772

Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

5.3AI score0.00653EPSS
Exploits0References1
cve
cve
added 2020/03/06 9:1 p.m.156 views

CVE-2019-19773

CVE-2019-19773 describes a stored cross-site scripting (XSS) vulnerability in the embedded web server of older Lexmark devices/printers. The issue arises from improper validation in web server handling of client data, leading to possible client-side code execution within affected interfaces. Mult...

5.4CVSS5.2AI score0.00653EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/03/06 9:1 p.m.19 views

CVE-2019-19773

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...

5.3AI score0.00653EPSS
Exploits0References1
prion
prion
added 2020/02/13 4:15 p.m.20 views

Cross site scripting

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...

3.5CVSS5.2AI score0.00527EPSS
Exploits0References2Affected Software80
cve
cve
added 2020/02/13 3:1 p.m.76 views

CVE-2019-18791

The CVE-2019-18791 issue affects Lexmark printer MS812 and older Lexmark devices, due to a stored XSS in the embedded web server. The root cause is insufficient validation of client-side data by the web application, allowing an attacker to expose session credentials and other information via the ...

5.4CVSS5.2AI score0.00527EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/02/13 3:1 p.m.25 views

CVE-2019-18791

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...

5.3AI score0.00527EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.4 views

The vulnerability of the embedded web-server microprogramming software of Moxa EDS-G516E and Moxa EDS-510E switches allows a hacker to execute arbitrary code or cause malfunctions in the device’s functionality.

The vulnerability of the embedded web-server microprogramming software for Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure using a specially crafted...

10CVSS6.5AI score0.0272EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.6 views

The vulnerability of the embedded web-server microprogramming software in Moxa PT-7528 and Moxa PT-7828 Ethernet switches allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the embedded web-server microprogramming software for Moxa PT-7528 and Moxa PT-7828 switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a service failure using a specially crafted...

10CVSS6.4AI score0.0283EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.5 views

The vulnerability of the UDPmessageSetting component within the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a attacker to cause service interruptions.

The vulnerability of the UDPmessageSetting component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file...

7.8CVSS5.9AI score
Exploits0References1Affected Software2
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.6 views

The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a hacker to cause a service failure.

The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file remote...

7.8CVSS5.9AI score
Exploits0References1Affected Software2
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.6 views

The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 allows a hacker to intercept administrator credentials and other confidential information, gaining access to the control system.

The vulnerability of the embedded web-server microprogramming system controllers from Moxa, models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660, stems from the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability...

10CVSS5.5AI score0.0094EPSS
Exploits0References3Affected Software6
bdu_fstec
bdu_fstec
added 2019/09/25 12:0 a.m.6 views

The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 allows a hacker to perform arbitrary actions on the vulnerable device.

The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 is related to a predictable algorithm for token generation. Exploiting this vulnerability allows an attacker operating remotely to perform arbitrary...

10CVSS5.6AI score0.01492EPSS
Exploits0References3Affected Software6
Rows per page
Query Builder