Lexmark C2325 Firmware vulnerabilities

CVE-2023-23560 [CRITICAL] CWE-918 CVE-2023-23560: In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.

CVE-2023-22960 [HIGH] CWE-307 CVE-2023-22960: Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.

CVE-2022-29850 [HIGH] CWE-20 CVE-2022-29850: Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affecte Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.

CVE-2021-44734 [CRITICAL] CWE-94 CVE-2021-44734: Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which ca Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.

CVE-2021-44738 [CRITICAL] CWE-120 CVE-2021-44738: Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscrip Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.

CVE-2021-44735 [CRITICAL] CWE-77 CVE-2021-44735: Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.

CVE-2021-44737 [HIGH] CWE-22 CVE-2021-44737: PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.