Xerox Colorqube 8700 8900 vulnerabilities
2 known vulnerabilities affecting xerox/colorqube_8700_8900.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2019-10880P2CRITICALCVSS 9.8≥ unspecified, < 072.xxx.009.072002019-04-12
CVE-2019-10880 [CRITICAL] CWE-78 CVE-2019-10880: Within multiple XEROX products a vulnerability allows remote command execution on the Linux system,
Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.
nvd
CVE-2019-10881P3CRITICALCVSS 9.8vn/a2021-04-13
CVE-2019-10881 [CRITICAL] CWE-259 CVE-2019-10881: Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software r
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.
nvd