Vulnerabilities > Lexmark > Mb2546 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-23 CVE-2023-23560 Server-Side Request Forgery (SSRF) vulnerability in Lexmark products
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
network
low complexity
lexmark CWE-918
critical
9.8
2022-01-20 CVE-2021-44735 Command Injection vulnerability in Lexmark products
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
network
low complexity
lexmark CWE-77
critical
9.8
2022-01-20 CVE-2021-44734 Code Injection vulnerability in Lexmark products
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
network
low complexity
lexmark CWE-94
critical
9.8
2022-01-20 CVE-2021-44738 Classic Buffer Overflow vulnerability in Lexmark products
Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
network
low complexity
lexmark CWE-120
critical
9.8
2019-06-28 CVE-2018-15520 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lexmark products
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).
network
low complexity
lexmark CWE-119
critical
9.8