CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0CVE-2009-1656
https://notcve.org/view.php?id=CVE-2009-1656
Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability." Xerox WorkCentre y WorkCentre Pro v232, v238, v245, v255, v265, v275; y WorkCentre v5632, v5638, v5645, v5655, v5665, v5675, v5687, v7655, v7656, y v7675 permite a atacantes remotos ejecutar comandos de su elección a través de vectores de ataque desconocidos, también conocido como "vulnerabilidad de inyección de comando". • http://osvdb.org/54457 http://secunia.com/advisories/35101 http://www.securityfocus.com/bid/34984 http://www.securitytracker.com/id?1022238 http://www.vupen.com/english/advisories/2009/1328 http://www.xerox.com/downloads/usa/en/c/cert_XRX09-02_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/50558 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2008-2824
https://notcve.org/view.php?id=CVE-2008-2824
Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors. Vulnerabilidad no especificada en el Extensible Interface Platform de Web Services de Xerox WorkCentre 7655, 7665 y 7675; permite a atacantes remotos realizar cambios en la configuración a través de vectores desconocidos. • http://secunia.com/advisories/30670 http://www.securityfocus.com/bid/29691 http://www.securitytracker.com/id?1020281 http://www.vupen.com/english/advisories/2008/1831/references http://www.xerox.com/downloads/usa/en/c/cert_XRX08_006.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/43059 • CWE-264: Permissions, Privileges, and Access Controls •