Skip to main content

Workcentre Ec7836 Firmware

2 CVEs product

Monthly

CVE-2020-26162 MEDIUM This Month

Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Workcentre Ec7836 Firmware Workcentre Ec7856 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-9330 HIGH POC PATCH This Week

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Workcentre 3655 Firmware Workcentre 3655I Firmware Workcentre 5845 Firmware Workcentre 5855 Firmware +14
NVD
CVSS 3.1
8.8
EPSS
1.1%
EPSS 1% CVSS 6.1
MEDIUM This Month

Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Workcentre Ec7836 Firmware Workcentre Ec7856 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Workcentre 3655 Firmware Workcentre 3655I Firmware +16
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy