Vulnerabilities > Lexmark > C2325 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-23 CVE-2023-22960 Improper Restriction of Excessive Authentication Attempts vulnerability in Lexmark products
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
network
low complexity
lexmark CWE-307
7.5
2023-01-23 CVE-2023-23560 Server-Side Request Forgery (SSRF) vulnerability in Lexmark products
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
network
low complexity
lexmark CWE-918
critical
9.8
2022-08-26 CVE-2022-29850 Exposure of Resource to Wrong Sphere vulnerability in Lexmark products
Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
network
high complexity
lexmark CWE-668
8.1
2022-01-20 CVE-2021-44734 Code Injection vulnerability in Lexmark products
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
network
low complexity
lexmark CWE-94
critical
9.8
2022-01-20 CVE-2021-44735 Command Injection vulnerability in Lexmark products
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
network
low complexity
lexmark CWE-77
critical
9.8
2022-01-20 CVE-2021-44737 Path Traversal vulnerability in Lexmark products
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
low complexity
lexmark CWE-22
8.8
2022-01-20 CVE-2021-44738 Classic Buffer Overflow vulnerability in Lexmark products
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
network
low complexity
lexmark CWE-120
critical
9.8