Vulnerabilities > Xerox > Workcentre 5955 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-01-26 CVE-2020-36201 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xerox products
An issue was discovered in certain Xerox WorkCentre products.
network
low complexity
xerox CWE-327
7.5
2020-04-29 CVE-2016-11061 OS Command Injection vulnerability in Xerox products
Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.
network
low complexity
xerox CWE-78
critical
9.8
2020-02-21 CVE-2020-9330 Missing Authentication for Critical Function vulnerability in Xerox products
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address.
network
low complexity
xerox CWE-306
8.8