Vulnerabilities > Xerox > Altalink C8035 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2019-10881 Use of Hard-coded Credentials vulnerability in Xerox products
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.
network
low complexity
xerox CWE-798
critical
9.8
2021-03-29 CVE-2021-28668 SQL Injection vulnerability in Xerox products
Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.
network
low complexity
xerox CWE-89
critical
9.8
2021-03-29 CVE-2021-28670 Unspecified vulnerability in Xerox products
Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.32000 and C8070 before 103.003.030.32000 allow unauthorized users, by leveraging the Scan To Mailbox feature, to delete arbitrary files from the disk.
network
low complexity
xerox
critical
9.1
2019-01-03 CVE-2018-17172 Command Injection vulnerability in Xerox products
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.
network
low complexity
xerox CWE-77
critical
9.8