Vulnerabilities > Xerox > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-02-10 CVE-2018-20768 Code Injection vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-94
critical
 9.8
9.8
2019-01-03 CVE-2018-17172 Command Injection vulnerability in Xerox products
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.
network
low complexity
xerox CWE-77
critical
 9.8
9.8