Vulnerabilities > CVE-2005-2200 - Security Bypass vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
xerox
nessus

Summary

Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication.

Nessus

NASL familyMisc.
NASL idXEROX_XRX05_006.NASL
descriptionAccording to its model number and software version, the remote host is a Xerox WorkCentre device with an embedded web server that suffers from multiple flaws, including authentication bypass, denial of service, unauthorized file access, and cross-site scripting.
last seen2020-06-01
modified2020-06-02
plugin id18642
published2005-07-08
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18642
titleXerox WorkCentre Multiple Vulnerabilities (XRX05-006)