CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 2CVE-2013-6362
https://notcve.org/view.php?id=CVE-2013-6362
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. Los dispositivos Xerox ColorQube y WorkCenter en 2013, poseía cuentas de usuario shell y FTP embebidas. • http://firmware.re/usenixsec14 http://firmware.re/vulns/acsa-2013-005.php • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2010-0549
https://notcve.org/view.php?id=CVE-2010-0549
Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070.109.11407 through 060.070.109.29510, and Net Controller 060.079.11410 through 060.079.29310, allows remote attackers to access "directory structure" via a crafted PostScript file, aka "Unauthorized Directory Structure Access Vulnerability." Vulnerabilidad no especifica en el Network Controller en Xerox WorkCentre 6400 System Software v060.070.109.11407 hasta v060.070.109.29510, y Net Controller v060.079.11410 hasta v060.079.29310, permite a atacantse remotos acceder al "directorio de estructura" a través de un archivo PostScript manipulado, como "Vulnerabilidad no autorizada al Directorio de Estrucutra." • http://secunia.com/advisories/38339 http://www.securitytracker.com/id?1023500 http://www.vupen.com/english/advisories/2010/0208 http://www.xerox.com/downloads/usa/en/c/cert_XRX10-001_v1.0.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •