Vulnerabilities > Xerox > Phaser 3320 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2019-13172 Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.
network
low complexity
xerox CWE-120
critical
9.8
2020-03-13 CVE-2019-13171 Out-of-bounds Write vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device.
network
low complexity
xerox CWE-787
critical
9.8
2020-03-13 CVE-2019-13170 Cross-Site Request Forgery (CSRF) vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks.
network
low complexity
xerox CWE-352
6.5
2020-03-13 CVE-2019-13169 Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.
network
low complexity
xerox CWE-120
critical
9.8
2020-03-13 CVE-2019-13168 Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service.
network
low complexity
xerox CWE-120
critical
9.8
2020-03-13 CVE-2019-13167 Cross-site Scripting vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers.
network
low complexity
xerox CWE-79
6.1
2020-03-13 CVE-2019-13166 Improper Restriction of Excessive Authentication Attempts vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout.
network
low complexity
xerox CWE-307
7.5
2020-03-13 CVE-2019-13165 Classic Buffer Overflow vulnerability in Xerox Phaser 3320 Firmware V53.006.16.000
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service.
network
low complexity
xerox CWE-120
critical
9.8