2 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 23EXPL: 0

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter. cgi-bin/postpf/cgi-bin/dynamic/config/config.html en impresoras Lexmark X94x anterior a LC.BR.P142, X85x hasta LC4.BE.P487, X644 y X646 anterior a LC2.MC.P374, X642 hasta LC2.MB.P318, W840 hasta LS.HA.P252, T64x anterior a LS.ST.P344, X64xef hasta LC2.TI.P325, C935dn hasta LC.JO.P091, C920 hasta LS.TA.P152, C78x hasta LC.IO.P187, X78x hasta LC2.IO.P335, C77x hasta LC.CM.P052, X772 hasta LC2.TR.P291, C53x hasta LS.SW.P069, C52x hasta LS.FA.P150, 25xxN hasta LCL.CU.P114, N4000 hasta LC.MD.P119, N4050e hasta GO.GO.N206, N70xxe hasta LC.CO.N309, E450 hasta LM.SZ.P124, E350 hasta LE.PH.P129 y E250 hasta LE.PM.P126 permite a atacantes remotos eliminar la contraseña administrativa a través del parámetro vac.255.GENPASSWORD. • http://support.lexmark.com/index?page=content&id=TE586 http://www.kb.cert.org/vuls/id/108062 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 61EXPL: 0

The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header. El servidor HTTP embebido en multiples impresoras laser e inyección Lexmark y dispositivos MarkNet, incluyendo X94x, W840, T656, N4000, E462, C935dn, 25xxN y otros modelos, permiten a atacantes remotos causar una denegación de servicio (parada del sistema operativo) a través de una cabecera de Autorización HTTP malformada. • http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US • CWE-20: Improper Input Validation •