Vulnerabilities > Fujixerox

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2021-20679 Unspecified vulnerability in Fujixerox products
Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.
network
low complexity
fujixerox
7.8
2020-01-31 CVE-2020-5526 Improper Certificate Validation vulnerability in Fujixerox Apeosware Management Suite
The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
fujixerox CWE-295
4.3
2020-01-27 CVE-2020-5522 Improper Certificate Validation vulnerability in Fujixerox Easy Netprint 2.0.3
The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
fujixerox CWE-295
5.8
2020-01-27 CVE-2020-5521 Improper Certificate Validation vulnerability in Fujixerox Easy Netprint
The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
fujixerox CWE-295
5.8
2020-01-27 CVE-2020-5520 Improper Certificate Validation vulnerability in Fujixerox Netprint
The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
fujixerox CWE-295
5.8
2019-09-14 CVE-2019-16307 Cross-site Scripting vulnerability in Fujixerox Docushare 7.0.0.C1.609
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKey parameter (deleteWebExMeetingCheck.jsp).
network
fujixerox CWE-79
4.3
2019-09-12 CVE-2019-6004 Open Redirect vulnerability in Fujixerox products
Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
network
fujixerox CWE-601
5.8
2018-09-07 CVE-2018-16709 Unspecified vulnerability in Fujixerox products
Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.
network
low complexity
fujixerox
7.5
2017-09-01 CVE-2017-10851 Untrusted Search Path vulnerability in Fujixerox Contentsbridge Utility
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
fujixerox microsoft CWE-426
critical
9.3
2017-09-01 CVE-2017-10849 Untrusted Search Path vulnerability in Fujixerox Docuworks 8.0.7
Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
fujixerox CWE-426
critical
9.3