235 matches found
Directory traversal
Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...
CVE-2018-18894
Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server...
CVE-2019-19772
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
CVE-2019-19772
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
CVE-2019-19773
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
Cross site scripting
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
Cross site scripting
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
CVE-2019-19772
CVE-2019-19772 affects Lexmark printers with an embedded web server that is vulnerable to reflected Cross-Site Scripting (XSS). Root cause: lack of proper validation of client-side data in the web application, enabling an attacker to inject and execute script in a user’s browser. Impact per sourc...
CVE-2019-19772
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
CVE-2019-19773
CVE-2019-19773 describes a stored cross-site scripting (XSS) vulnerability in the embedded web server of older Lexmark devices/printers. The issue arises from improper validation in web server handling of client data, leading to possible client-side code execution within affected interfaces. Mult...
CVE-2019-19773
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=ENUS...
Cross site scripting
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...
CVE-2019-18791
The CVE-2019-18791 issue affects Lexmark printer MS812 and older Lexmark devices, due to a stored XSS in the embedded web server. The root cause is insufficient validation of client-side data by the web application, allowing an attacker to expose session credentials and other information via the ...
CVE-2019-18791
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser...
The vulnerability of the embedded web-server microprogramming software of Moxa EDS-G516E and Moxa EDS-510E switches allows a hacker to execute arbitrary code or cause malfunctions in the device’s functionality.
The vulnerability of the embedded web-server microprogramming software for Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure using a specially crafted...
The vulnerability of the embedded web-server microprogramming software in Moxa PT-7528 and Moxa PT-7828 Ethernet switches allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the embedded web-server microprogramming software for Moxa PT-7528 and Moxa PT-7828 switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a service failure using a specially crafted...
The vulnerability of the UDPmessageSetting component within the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a attacker to cause service interruptions.
The vulnerability of the UDPmessageSetting component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file...
The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches allows a hacker to cause a service failure.
The vulnerability of the PTPSettingEnable component in the embedded web-server software of Moxa EDS-G516E and Moxa EDS-510E switches is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions by modifying the configuration file remote...
The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 allows a hacker to intercept administrator credentials and other confidential information, gaining access to the control system.
The vulnerability of the embedded web-server microprogramming system controllers from Moxa, models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660, stems from the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability...
The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 allows a hacker to perform arbitrary actions on the vulnerable device.
The vulnerability of the embedded web-server microprogramming software for Moxa MGate models MB3170, MB3180, MB3270, MB3280, MB3480, and MB3660 is related to a predictable algorithm for token generation. Exploiting this vulnerability allows an attacker operating remotely to perform arbitrary...