VYPR
Unrated severityNVD Advisory· Published Apr 12, 2019· Updated Aug 4, 2024

CVE-2019-10880

CVE-2019-10880

Description

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19
  • unspecified+ 1 more
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
  • XEROX/ColorQube 8700/8900v5
    Range: unspecified
  • XEROX/ColorQube 9301/9302/9303v5
    Range: unspecified
  • Xerox/Phasercpe-rescue2 versions
    unspecified+ 1 more
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
  • Xerox/Workcentrecpe-rescue7 versions
    unspecified+ 6 more
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
    • (no CPE)range: unspecified
  • XEROX/WorkCentre 5735/5740/5745/5755/5765/5775/5790v5
    Range: unspecified
  • XEROX/WorkCentre 5845/5855/5865/5875/5890v5
    Range: unspecified
  • XEROX/WorkCentre 7525/7530/7535/7545/7556v5
    Range: unspecified
  • XEROX/WorkCentre 7830/7835/7845/7855v5
    Range: unspecified
  • XEROX/WorkCentre EC7836/EC7856v5
    Range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.