Unrated severityNVD Advisory· Published Dec 10, 2006· Updated Jun 16, 2026
CVE-2006-6427
CVE-2006-6427
Description
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.
Affected products
7cpe:2.3:h:xerox:workcentre:12.060.17.000:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:h:xerox:workcentre:12.060.17.000:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre:12.060.17.000:*:pro:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre:13.060.17.000:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre:13.060.17.000:*:pro:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre:14.060.17.000:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre:14.060.17.000:*:pro:*:*:*:*:*
- (no CPE)range: <12.060.17.000 (12.x), <13.060.17.000 (13.x), <14.060.17.000 (14.x)
Patches
Vulnerability mechanics
References
7- www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdfnvdPatch
- secunia.com/advisories/23265nvdVendor Advisory
- securitytracker.com/idnvdVendor Advisory
- www.vupen.com/english/advisories/2006/4791nvdVendor Advisory
- www.securityfocus.com/bid/21365nvd
- www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdfnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/30674nvd
News mentions
0No linked articles in our index yet.