Vulnerabilities > Lexmark > Cx820 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2023-22960 | Improper Restriction of Excessive Authentication Attempts vulnerability in Lexmark products Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. | 7.5 |
| 2023-01-23 | CVE-2023-23560 | Server-Side Request Forgery (SSRF) vulnerability in Lexmark products In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | 9.8 |
| 2022-08-26 | CVE-2022-29850 | Exposure of Resource to Wrong Sphere vulnerability in Lexmark products Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | 8.1 |
| 2022-01-20 | CVE-2021-44734 | Code Injection vulnerability in Lexmark products Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device. | 9.8 |
| 2022-01-20 | CVE-2021-44735 | Command Injection vulnerability in Lexmark products Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. | 10.0 |
| 2022-01-20 | CVE-2021-44737 | Path Traversal vulnerability in Lexmark products PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files. | 8.3 |
| 2022-01-20 | CVE-2021-44738 | Classic Buffer Overflow vulnerability in Lexmark products Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter. | 10.0 |
| 2019-03-12 | CVE-2018-17944 | Information Exposure vulnerability in Lexmark products On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. | 4.0 |