// For flags

CVE-2021-28672

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 allows remote attackers to execute arbitrary code through a buffer overflow in Web page parameter handling.

Xerox Phaser 6510 versiones anteriores a 64.65.51 y 64.59.11 (Bridge), WorkCentre 6515 versiones anteriores a 65.65.51 y 65.59.11 (Bridge), VersaLink B400 versiones anteriores a 37.65.51 y 37.59.01 (Bridge), B405 versiones anteriores a 38.65.51 y 38.59 .01 (Bridge), B600/B610 versiones anteriores a 32.65.51 y 32.59.01 (Bridge), B605/B615 versiones anteriores a 33.65.51 y 33.59.01 (Bridge), B7025/30/35 versiones anteriores a 58.65.51 y 58.59.11 ( Bridge), C400 versiones anteriores a 67.65.51 y 67.59.01 (Bridge), C405 versiones anteriores a 68.65.51 y 68.59.01 (Bridge), C500/C600 versiones anteriores a 61.65.51 y 61.59.01 (Bridge), C505/C605 versiones anteriores a 62.65. 51 y 62.59.01 (Bridge), C7000 versiones anteriores a 56.65.51 y 56.59.01 (Bridge), C7020/25/30 versiones anteriores a 57.65.51 y 57.59.01 (Bridge), C8000/C9000 versiones anteriores a 70.65.51 y 70.59.01 (Bridge), C8000W versiones anteriores a 72.65.51, permite a atacantes remotos ejecutar código arbitrario por medio de un desbordamiento del búfer en el manejo de parámetros de la página Web

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-03-18 CVE Reserved
  • 2021-03-29 CVE Published
  • 2024-03-04 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Xerox
Search vendor "Xerox"
Phaser 6510 Firmware
Search vendor "Xerox" for product "Phaser 6510 Firmware"
< 64.59.11
Search vendor "Xerox" for product "Phaser 6510 Firmware" and version " < 64.59.11"
-
Affected
in Xerox
Search vendor "Xerox"
Phaser 6510
Search vendor "Xerox" for product "Phaser 6510"
--
Safe
Xerox
Search vendor "Xerox"
Workcentre 6515 Firmware
Search vendor "Xerox" for product "Workcentre 6515 Firmware"
< 65.59.11
Search vendor "Xerox" for product "Workcentre 6515 Firmware" and version " < 65.59.11"
-
Affected
in Xerox
Search vendor "Xerox"
Workcentre 6515
Search vendor "Xerox" for product "Workcentre 6515"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B400 Firmware
Search vendor "Xerox" for product "Versalink B400 Firmware"
< 37.59.01
Search vendor "Xerox" for product "Versalink B400 Firmware" and version " < 37.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B400
Search vendor "Xerox" for product "Versalink B400"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B405 Firmware
Search vendor "Xerox" for product "Versalink B405 Firmware"
< 38.59.01
Search vendor "Xerox" for product "Versalink B405 Firmware" and version " < 38.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B405
Search vendor "Xerox" for product "Versalink B405"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B600 Firmware
Search vendor "Xerox" for product "Versalink B600 Firmware"
< 32.59.01
Search vendor "Xerox" for product "Versalink B600 Firmware" and version " < 32.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B600
Search vendor "Xerox" for product "Versalink B600"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B610 Firmware
Search vendor "Xerox" for product "Versalink B610 Firmware"
< 32.59.01
Search vendor "Xerox" for product "Versalink B610 Firmware" and version " < 32.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B610
Search vendor "Xerox" for product "Versalink B610"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B605 Firmware
Search vendor "Xerox" for product "Versalink B605 Firmware"
< 33.59.01
Search vendor "Xerox" for product "Versalink B605 Firmware" and version " < 33.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B605
Search vendor "Xerox" for product "Versalink B605"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B615 Firmware
Search vendor "Xerox" for product "Versalink B615 Firmware"
< 33.59.01
Search vendor "Xerox" for product "Versalink B615 Firmware" and version " < 33.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B615
Search vendor "Xerox" for product "Versalink B615"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7025 Firmware
Search vendor "Xerox" for product "Versalink B7025 Firmware"
< 58.59.11
Search vendor "Xerox" for product "Versalink B7025 Firmware" and version " < 58.59.11"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7025
Search vendor "Xerox" for product "Versalink B7025"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7030 Firmware
Search vendor "Xerox" for product "Versalink B7030 Firmware"
< 58.59.11
Search vendor "Xerox" for product "Versalink B7030 Firmware" and version " < 58.59.11"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7030
Search vendor "Xerox" for product "Versalink B7030"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7035 Firmware
Search vendor "Xerox" for product "Versalink B7035 Firmware"
< 58.59.11
Search vendor "Xerox" for product "Versalink B7035 Firmware" and version " < 58.59.11"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7035
Search vendor "Xerox" for product "Versalink B7035"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C400 Firmware
Search vendor "Xerox" for product "Versalink C400 Firmware"
< 67.59.01
Search vendor "Xerox" for product "Versalink C400 Firmware" and version " < 67.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C400
Search vendor "Xerox" for product "Versalink C400"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C405 Firmware
Search vendor "Xerox" for product "Versalink C405 Firmware"
< 68.59.01
Search vendor "Xerox" for product "Versalink C405 Firmware" and version " < 68.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C405
Search vendor "Xerox" for product "Versalink C405"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C500 Firmware
Search vendor "Xerox" for product "Versalink C500 Firmware"
< 61.59.01
Search vendor "Xerox" for product "Versalink C500 Firmware" and version " < 61.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C500
Search vendor "Xerox" for product "Versalink C500"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C600 Firmware
Search vendor "Xerox" for product "Versalink C600 Firmware"
< 61.59.01
Search vendor "Xerox" for product "Versalink C600 Firmware" and version " < 61.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C600
Search vendor "Xerox" for product "Versalink C600"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C505 Firmware
Search vendor "Xerox" for product "Versalink C505 Firmware"
< 62.59.01
Search vendor "Xerox" for product "Versalink C505 Firmware" and version " < 62.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C505
Search vendor "Xerox" for product "Versalink C505"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C605 Firmware
Search vendor "Xerox" for product "Versalink C605 Firmware"
< 62.59.01
Search vendor "Xerox" for product "Versalink C605 Firmware" and version " < 62.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C605
Search vendor "Xerox" for product "Versalink C605"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7000 Firmware
Search vendor "Xerox" for product "Versalink C7000 Firmware"
< 56.59.01
Search vendor "Xerox" for product "Versalink C7000 Firmware" and version " < 56.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7000
Search vendor "Xerox" for product "Versalink C7000"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7020 Firmware
Search vendor "Xerox" for product "Versalink C7020 Firmware"
< 57.59.01
Search vendor "Xerox" for product "Versalink C7020 Firmware" and version " < 57.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7020
Search vendor "Xerox" for product "Versalink C7020"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7025 Firmware
Search vendor "Xerox" for product "Versalink C7025 Firmware"
< 57.59.01
Search vendor "Xerox" for product "Versalink C7025 Firmware" and version " < 57.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7025
Search vendor "Xerox" for product "Versalink C7025"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7030 Firmware
Search vendor "Xerox" for product "Versalink C7030 Firmware"
< 57.59.01
Search vendor "Xerox" for product "Versalink C7030 Firmware" and version " < 57.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7030
Search vendor "Xerox" for product "Versalink C7030"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C8000 Firmware
Search vendor "Xerox" for product "Versalink C8000 Firmware"
< 70.59.01
Search vendor "Xerox" for product "Versalink C8000 Firmware" and version " < 70.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C8000
Search vendor "Xerox" for product "Versalink C8000"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C9000 Firmware
Search vendor "Xerox" for product "Versalink C9000 Firmware"
< 70.59.01
Search vendor "Xerox" for product "Versalink C9000 Firmware" and version " < 70.59.01"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C9000
Search vendor "Xerox" for product "Versalink C9000"
--
Safe
Xerox
Search vendor "Xerox"
Phaser 6510 Firmware
Search vendor "Xerox" for product "Phaser 6510 Firmware"
< 64.65.51
Search vendor "Xerox" for product "Phaser 6510 Firmware" and version " < 64.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Phaser 6510
Search vendor "Xerox" for product "Phaser 6510"
--
Safe
Xerox
Search vendor "Xerox"
Workcentre 6515 Firmware
Search vendor "Xerox" for product "Workcentre 6515 Firmware"
< 65.65.51
Search vendor "Xerox" for product "Workcentre 6515 Firmware" and version " < 65.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Workcentre 6515
Search vendor "Xerox" for product "Workcentre 6515"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B400 Firmware
Search vendor "Xerox" for product "Versalink B400 Firmware"
< 37.65.51
Search vendor "Xerox" for product "Versalink B400 Firmware" and version " < 37.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B400
Search vendor "Xerox" for product "Versalink B400"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B405 Firmware
Search vendor "Xerox" for product "Versalink B405 Firmware"
< 38.65.51
Search vendor "Xerox" for product "Versalink B405 Firmware" and version " < 38.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B405
Search vendor "Xerox" for product "Versalink B405"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B610 Firmware
Search vendor "Xerox" for product "Versalink B610 Firmware"
< 32.65.51
Search vendor "Xerox" for product "Versalink B610 Firmware" and version " < 32.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B610
Search vendor "Xerox" for product "Versalink B610"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B605 Firmware
Search vendor "Xerox" for product "Versalink B605 Firmware"
< 33.65.51
Search vendor "Xerox" for product "Versalink B605 Firmware" and version " < 33.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B605
Search vendor "Xerox" for product "Versalink B605"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B615 Firmware
Search vendor "Xerox" for product "Versalink B615 Firmware"
< 33.65.51
Search vendor "Xerox" for product "Versalink B615 Firmware" and version " < 33.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B615
Search vendor "Xerox" for product "Versalink B615"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7025 Firmware
Search vendor "Xerox" for product "Versalink B7025 Firmware"
< 58.65.51
Search vendor "Xerox" for product "Versalink B7025 Firmware" and version " < 58.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7025
Search vendor "Xerox" for product "Versalink B7025"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C400 Firmware
Search vendor "Xerox" for product "Versalink C400 Firmware"
< 67.65.51
Search vendor "Xerox" for product "Versalink C400 Firmware" and version " < 67.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C400
Search vendor "Xerox" for product "Versalink C400"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C405 Firmware
Search vendor "Xerox" for product "Versalink C405 Firmware"
< 68.65.51
Search vendor "Xerox" for product "Versalink C405 Firmware" and version " < 68.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C405
Search vendor "Xerox" for product "Versalink C405"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C500 Firmware
Search vendor "Xerox" for product "Versalink C500 Firmware"
< 61.65.51
Search vendor "Xerox" for product "Versalink C500 Firmware" and version " < 61.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C500
Search vendor "Xerox" for product "Versalink C500"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C600 Firmware
Search vendor "Xerox" for product "Versalink C600 Firmware"
< 61.65.51
Search vendor "Xerox" for product "Versalink C600 Firmware" and version " < 61.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C600
Search vendor "Xerox" for product "Versalink C600"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C505 Firmware
Search vendor "Xerox" for product "Versalink C505 Firmware"
< 62.65.51
Search vendor "Xerox" for product "Versalink C505 Firmware" and version " < 62.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C505
Search vendor "Xerox" for product "Versalink C505"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C605 Firmware
Search vendor "Xerox" for product "Versalink C605 Firmware"
< 62.65.51
Search vendor "Xerox" for product "Versalink C605 Firmware" and version " < 62.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C605
Search vendor "Xerox" for product "Versalink C605"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7000 Firmware
Search vendor "Xerox" for product "Versalink C7000 Firmware"
< 56.65.51
Search vendor "Xerox" for product "Versalink C7000 Firmware" and version " < 56.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7000
Search vendor "Xerox" for product "Versalink C7000"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7020 Firmware
Search vendor "Xerox" for product "Versalink C7020 Firmware"
< 57.65.51
Search vendor "Xerox" for product "Versalink C7020 Firmware" and version " < 57.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7020
Search vendor "Xerox" for product "Versalink C7020"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7025 Firmware
Search vendor "Xerox" for product "Versalink C7025 Firmware"
< 57.65.51
Search vendor "Xerox" for product "Versalink C7025 Firmware" and version " < 57.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7025
Search vendor "Xerox" for product "Versalink C7025"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C7030 Firmware
Search vendor "Xerox" for product "Versalink C7030 Firmware"
< 57.65.51
Search vendor "Xerox" for product "Versalink C7030 Firmware" and version " < 57.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C7030
Search vendor "Xerox" for product "Versalink C7030"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C8000 Firmware
Search vendor "Xerox" for product "Versalink C8000 Firmware"
< 70.65.51
Search vendor "Xerox" for product "Versalink C8000 Firmware" and version " < 70.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C8000
Search vendor "Xerox" for product "Versalink C8000"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C9000 Firmware
Search vendor "Xerox" for product "Versalink C9000 Firmware"
< 70.65.51
Search vendor "Xerox" for product "Versalink C9000 Firmware" and version " < 70.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C9000
Search vendor "Xerox" for product "Versalink C9000"
--
Safe
Xerox
Search vendor "Xerox"
Versalink C8000w Firmware
Search vendor "Xerox" for product "Versalink C8000w Firmware"
< 72.65.51
Search vendor "Xerox" for product "Versalink C8000w Firmware" and version " < 72.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink C8000w
Search vendor "Xerox" for product "Versalink C8000w"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B600 Firmware
Search vendor "Xerox" for product "Versalink B600 Firmware"
< 32.65.51
Search vendor "Xerox" for product "Versalink B600 Firmware" and version " < 32.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B600
Search vendor "Xerox" for product "Versalink B600"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7030 Firmware
Search vendor "Xerox" for product "Versalink B7030 Firmware"
< 58.65.51
Search vendor "Xerox" for product "Versalink B7030 Firmware" and version " < 58.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7030
Search vendor "Xerox" for product "Versalink B7030"
--
Safe
Xerox
Search vendor "Xerox"
Versalink B7035 Firmware
Search vendor "Xerox" for product "Versalink B7035 Firmware"
< 58.65.51
Search vendor "Xerox" for product "Versalink B7035 Firmware" and version " < 58.65.51"
-
Affected
in Xerox
Search vendor "Xerox"
Versalink B7035
Search vendor "Xerox" for product "Versalink B7035"
--
Safe