CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

EUVD-2022-28884

Malicious code in bioql PyPI...

Xerox Versalink Printers Vulnerabilities Could Let Hackers Steal Credentials

Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws CVE-2024-12510 & CVE-2024-12511. Update…...

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

During security testing, Rapid7 discovered that Xerox Versalink C7025 Multifunction printers MFPs were vulnerable to pass-back attacks. The affected products identified were: Xerox Versalink MFPs Firmware Version: 57.69.91 and earlier This issue has been assigned the following CVEs: CVE-2024-1251...

Xerox Versalink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...

Xerox Versalink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox USA. A security vulnerability exists in Xerox Versalink that stems from the fact that authentication may be redirected to another server, exposing credentials...

Xerox多款产品 安全漏洞

Xerox AltaLink and others are products of Xerox Corporation, U.S.A. Xerox AltaLink is a hardware device.Xerox VersaLink is a line of commercial printers.Xerox WorkCentre is a line of all-in-one printers. A security vulnerability exists in various Xerox products, which stems from the presence of a...

CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

Design/Logic Flaw

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

CVE-2022-23968

Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...

Xerox VersaLink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox Corporation in the United States. A security vulnerability exists in Xerox VersaLink devices that stems from a lack of authentication of files in HTTP POST requests in certain versions of firmware, which allows remote attackers to exploi...

Vulnerability found in Xerox printers

A researcher has found a vulnerability in VersaLink printers from Xerox. The vulnerability allows an unauthenticated remote malicious party capable of causing a denial-of-service cause. In order to exploit the vulnerability, the attacker must obtain a TIFF document with incomplete image directory...

Xerox Versalink Denial Of Service

Credits: Mahmoud Al-Qudsi + Website: https://neosmart.net/ + Source: https://neosmart.net/blog/?p=4865 + Media: https://twitter.com/mqudsi and https://twitter.com/neosmart Vendor Xerox Corporation Product Xerox Versalink printers, other Xerox printers/copiers. Vulnerability Type Remote...