2 matches found
CVE-2022-23968
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers to brick the device via a crafted TIFF file in an unauthenticated HTTP POST request. There is a permanent denial of service because image parsing causes a reboot, but image parsing is restarted as so...
CVE-2022-23968
CVE-2022-23968 affects Xerox VersaLink devices on specific firmware versions prior to 2022-01-26. A crafted TIFF file with an incomplete Image Directory, delivered via an unauthenticated HTTP POST request, can cause the device to reboot during image parsing, resulting in a permanent denial of ser...