Lucene search
K
LexmarkMx321 Firmware

8 matches found

CVE
CVE
added 2023/01/23 12:0 a.m.171 views

CVE-2023-23560

CVE-2023-23560 affects Lexmark printers and multifunction devices with a server-side request forgery (SSRF) flaw caused by insufficient input validation in the vulnerable web interface. Reports indicate this can lead to arbitrary code execution with system privileges on affected devices, based on...

9.8CVSS9.3AI score0.14954EPSS
CVE
CVE
added 2023/01/23 12:0 a.m.112 views

CVE-2023-22960

CVE-2023-22960 : Lexmark printer firmware prior to 2023-01-10 is affected by Improper Control of Interaction Frequency, enabling bypass of login brute-force protections. Connected sources indicate exploitation involves the Embedded Web Server interface; impact is limited to authentication bypass ...

7.5CVSS7.5AI score0.27766EPSS
CVE
CVE
added 2022/01/20 3:59 p.m.82 views

CVE-2021-44738

CVE-2021-44738 is a buffer-overflow vulnerability in Lexmark devices’ PostScript interpreter. Multiple sources (ZDI advisories and NVD) describe a write past the end of a buffer during PostScript data handling, enabling potential remote code execution on affected Lexmark printers (e.g., MC3224i) ...

10CVSS9.5AI score0.03312EPSS
CVE
CVE
added 2022/01/20 4:11 p.m.81 views

CVE-2021-44734

CVE-2021-44734 affects Lexmark devices with an embedded web server input sanitization vulnerability that can lead to remote code execution. The issue is documented across multiple feeds (NVD, CVE lists, and vendor advisories) and is tied to Lexmark security alerts (e.g., CVE-2021-44734.pdf) and Z...

10CVSS9.8AI score0.06427EPSS
CVE
CVE
added 2022/01/20 4:4 p.m.71 views

CVE-2021-44737

Lexmark PJL path traversal (CVE-2021-44737) affects Lexmark printers (via PJL command handling) and can overwrite internal configuration files. The root cause is improper filtering of resource/file paths allowing directory traversal. In the Tenable ZDI advisory, it is described as a remote-code-e...

8.8CVSS8.6AI score0.01435EPSS
CVE
CVE
added 2022/01/20 4:7 p.m.66 views

CVE-2021-44735

CVE-2021-44735 is an embedded web server command injection vulnerability in Lexmark devices (through 2021-12-07). The linked advisories/coverage confirm a Lexmark embedded web service issue enabling command execution via the device’s web interface. Multiple vendor/security sources reference this ...

10CVSS9.6AI score0.07702EPSS
CVE
CVE
added 2022/08/25 11:11 p.m.64 views

CVE-2022-29850

Summary: CVE-2022-29850 affects Lexmark printers/products through 2022-04-27. An attacker who has already compromised an affected Lexmark device can use improper input validation to maintain persistence across reboots. Affected component: Lexmark printer product line (unspecified models) with vul...

8.1CVSS8AI score0.00841EPSS
CVE
CVE
added 2019/06/28 3:25 p.m.57 views

CVE-2018-15520

CVE-2018-15520 affects various Lexmark devices with a memory buffer overflow vulnerability. The issue is described as a buffer overflow in the device’s operations, with a network-based attack vector and no authentication required (CVSS2/3: 7.5/9.8; high/critical). The root cause is improper restr...

9.8CVSS9.5AI score0.01186EPSS