Vulnerabilities

CVE-2019-10880

by Fred · 12/04/2019

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

Date published : 2019-04-12

https://securitydocs.business.xerox.com/wp-content/uploads/2019/04/cert_Security_Mini_Bulletin_XRX19C_for_CQ8700_CQ8900_CQ93xx.pdf

https://airbus-seclab.github.io/

Similar

Tags: Cybersecurity Alert