CVE-2021-20679

Fuji Xerox multifunction devices and printers DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort...

Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS)

Overview Multifunction devices and printers provided by Fuji Xerox Co.,Ltd. contain a denial-of-service DoS vulnerability. Masahiro Kawada of Ierae Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...

CVE-2019-18630

On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure...

CVE-2019-18628

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information...

CVE-2019-18629

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a...

Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41220)

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41225)

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41175)

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

多款Cisco产品缓冲区错误漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

多款Cisco产品缓冲区错误漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

Cross site scripting

A cross-site scripting XSS vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before LW74.VY2.P273; CS51x before LW74.VY4.P273; CX310 before LW74.GM2.P273; CX410 & XC2130 before LW74.GM4.P273; CX510 & XC2132 before LW74.GM7.P273; MS310, MS312, MS317 before LW74.PRL.P273; MS410, M1140 befo...

HP Color LaserJet Pro M280-M281 Multifunction Printer series and HP LaserJet Pro MFP M28-M31 Printer series buffer overflow vulnerability (CNVD-2019-23317)

HP Color LaserJet Pro M280-M281 Multifunction Printer series and HP LaserJet Pro MFP M28-M31 Printer series are printer products introduced by Hewlett-Packard HP. A buffer overflow vulnerability exists in the HP Color LaserJet Pro M280-M281 Multifunction Printer series prior to version 20190419 a...

CVE-2019-6324

HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...

CVE-2019-6325

CVE-2019-6325 affects HP Color LaserJet Pro M280-M281 Multifunction Printer series (before 20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before 20190426). The vulnerability is a Cross-Site Request Forgery in the printer’s embedded web server. HP’s advisory (HPSBPI03619 rev. 2) notes t...

CVE-2019-6324

HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...

CVE-2019-6323

HP Color LaserJet Pro M280-M281 Multifunction Printer series (before 20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before 20190426) expose a vulnerability in the embedded web server’s wireless configuration page that allows reflected cross-site scripting (XSS). Root cause: lack of pro...

The vulnerability of the Wizard component in the microprogramming software of the RICOH MP multifunctional device allows a hacker to inject any code into the protected web page.

The vulnerability of the Wizard component file /web/entry/en/address/adrsSetUserWizard.cgi of the RICOH MP multifunctional device exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into...

CVE-2018-0405 Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability

A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due...

CVE-2018-5921

A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege...

CVE-2017-14386

Dell 2335dn and 2355dn printers are affected by a cross-site scripting (XSS) vulnerability in the web UI. The issue affects firmware versions prior to V2.70.06.26 A13 (2335dn) and V2.70.45.34 A10 (2355dn). Attackers could potentially execute arbitrary HTML or JavaScript code in a user’s browser s...