937 matches found
Lexmark Printers Improper Restriction of XML External Entity Reference (CVE-2023-40239)
Certain Lexmark devices such as CS310 before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80..P246, i.e., '' indicates that the full version specification varies across product model family, but firmware level P246 or higher is required to...
Lexmark Printers Path Traversal (CVE-2018-18894)
Certain older Lexmark devices C, M, X, and 6500e before 2018-12-18 contain a directory traversal vulnerability in the embedded web server. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Lexmark Printers Cross-site Scripting (CVE-2019-18791)
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser. This plugin only works with Tenable.ot. Please visit...
Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-15519)
Various Lexmark devices have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503860; scriptversion"1.3";...
Lexmark Printers Cross-site Scripting (CVE-2019-19772)
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...
Lexmark Printers Improper Input Validation (CVE-2022-29850)
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Lexmark Printers Code Injection (CVE-2021-44734)
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Lexmark Printers Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-15520)
Various Lexmark devices have a Buffer Overflow vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503861; scriptversion"1.4";...
Lexmark Printers Improper Input Validation (CVE-2019-6489)
Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Lexmark Printers Command Injection (CVE-2021-44735)
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503880;...
Lexmark Printers Improper Restriction of Excessive Authentication Attempts (CVE-2023-22960)
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503878;...
Lexmark Printers Improper Access Control (CVE-2019-10058)
Various Lexmark products have an Incorrect Access Control vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503869; scriptversion"1.2...
Lexmark Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2018-17944)
On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are...
Lexmark Printers Cross-site Scripting (CVE-2019-19773)
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&lo cale=en&userlocale=ENUS. This plugin only works with Tenable.ot. Please visit...
Lexmark Printers Denial of Service (CVE-2019-9931)
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Lexmark Printers Cross-site Scripting (CVE-2020-10094)
A cross-site scripting XSS vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 befo...
Lexmark Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2011-3269)
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Lexmark Printers 7PK - Security Features (CVE-2019-10059)
The legacy finger service TCP port 79 is enabled by default on various older Lexmark devices. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Lexmark Printers Missing Authentication for Critical Function (CVE-2019-9934)
Various Lexmark products have an Incorrect Access Control vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503870; scriptversion"1.2...
Lexmark Printers Cross-Site Request Forgery (CSRF) (CVE-2019-10057)
Various Lexmark products have a CSRF vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503859; scriptversion"1.2";...