cbcvebase.

Xerox Phaser 3320 Firmware vulnerabilities

8 known vulnerabilities affecting xerox/phaser_3320_firmware.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2019-13171P2CRITICALCVSS 9.8vv53.006.16.0002020-03-13
CVE-2019-13171 [CRITICAL] CWE-787 CVE-2019-13171: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-base Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size use
nvd
CVE-2019-13168P3CRITICALCVSS 9.8vv53.006.16.0002020-03-13
CVE-2019-13168 [CRITICAL] CWE-120 CVE-2019-13168: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vuln Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.
nvd
CVE-2019-13165P3CRITICALCVSS 9.8vv53.006.16.0002020-03-13
CVE-2019-13165 [CRITICAL] CWE-120 CVE-2019-13165: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vuln Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.
nvd
CVE-2019-13172P3CRITICALCVSS 9.8vv53.006.16.0002020-03-13
CVE-2019-13172 [CRITICAL] CWE-120 CVE-2019-13172: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vuln Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.
nvd
CVE-2019-13169P3CRITICALCVSS 9.8vv53.006.16.0002020-03-13
CVE-2019-13169 [CRITICAL] CWE-120 CVE-2019-13169: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vuln Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.
nvd
CVE-2019-13166P3HIGHCVSS 7.5vv53.006.16.0002020-03-13
CVE-2019-13166 [HIGH] CWE-307 CVE-2019-13166: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Loca Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks.
nvd
CVE-2019-13170P4MEDIUMCVSS 6.5vv53.006.16.0002020-03-13
CVE-2019-13170 [MEDIUM] CWE-352 CVE-2019-13170: Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoi Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.
nvd
CVE-2019-13167P4MEDIUMCVSS 6.1vv53.006.16.0002020-03-13
CVE-2019-13167 [MEDIUM] CWE-79 CVE-2019-13167: Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions.
nvd
Xerox Phaser 3320 Firmware vulnerabilities | cvebase