Lexmark Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2018-17944)

On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are...

Lexmark Printers Server-Side Request Forgery (SSRF) (CVE-2023-23560)

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Lexmark Printers Cross-site Scripting (CVE-2020-10094)

A cross-site scripting XSS vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 befo...

Lexmark Printers Cross-site Scripting (CVE-2019-19773)

Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2011-3269)

Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Lexmark Printers 7PK - Security Features (CVE-2019-10059)

The legacy finger service TCP port 79 is enabled by default on various older Lexmark devices. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Lexmark Printers Improper Authentication (CVE-2021-44736)

The initial admin account setup wizard on Lexmark devices allow unauthenticated access to the out of service erase feature. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...

Lexmark Printers Classic Buffer Overflow (CVE-2021-44738)

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Lexmark Printers Cross-site Scripting (CVE-2019-18791)

Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2019-9933)

Various Lexmark products have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503879; scriptversion"1.2";...

Lexmark Printers Cross-site Scripting (CVE-2020-10093)

A cross-site scripting XSS vulnerability in Lexmark Pro910 series inkjet and other discontinued products. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Lexmark Printers Integer Overflow or Wraparound (CVE-2019-9930)

Various Lexmark products have an Integer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503866; scriptversion"1.2";...

Lexmark Printers Improper Input Validation (CVE-2022-29850)

Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Lexmark Printers Improper Restriction of XML External Entity Reference (CVE-2023-40239)

Certain Lexmark devices such as CS310 before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80..P246, i.e., '' indicates that the full version specification varies across product model family, but firmware level P246 or higher is required to...

Lexmark Printers Denial of Service (CVE-2019-9931)

Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Path Traversal (CVE-2021-44737)

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Lexmark Printers Missing Authentication for Critical Function (CVE-2019-9935)

Various Lexmark products have an Incorrect Access Control vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503853; scriptversion"1.2...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2019-9932)

Various Lexmark products have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503876; scriptversion"1.2";...

Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-15520)

Various Lexmark devices have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503861; scriptversion"1.4";...

Lexmark Printers Code Injection (CVE-2021-44734)

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...