VYPR
Unrated severityNVD Advisory· Published Apr 29, 2020· Updated Aug 6, 2024

CVE-2016-11061

CVE-2016-11061

Description

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.

Affected products

2
  • Xerox/WorkCentredescription
  • Xerox/Workcentrellm-fuzzy
    Range: <073.xxx.086.15410

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.