Vulnerabilities > Xerox > Workcentre Ec7856 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-01-26 CVE-2020-36201 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Xerox products
An issue was discovered in certain Xerox WorkCentre products.
network
low complexity
xerox CWE-327
7.5
2020-10-09 CVE-2020-26162 Cross-site Scripting vulnerability in Xerox products
Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.
network
low complexity
xerox CWE-79
6.1
2020-02-21 CVE-2020-9330 Missing Authentication for Critical Function vulnerability in Xerox products
Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address.
network
low complexity
xerox CWE-306
8.8
2019-02-10 CVE-2018-20771 Improper Input Validation vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-20
critical
9.8
2019-02-10 CVE-2018-20770 SQL Injection vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-89
critical
9.8
2019-02-10 CVE-2018-20769 Path Traversal vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-22
7.5
2019-02-10 CVE-2018-20768 Code Injection vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-94
critical
9.8
2019-02-10 CVE-2018-20767 Improper Input Validation vulnerability in Xerox products
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.
network
low complexity
xerox CWE-20
8.8