CVE-2006-5290

Currently unrated

Key Information:

Vendor: Xerox
Status: Workcentre 255; Workcentre 245; Workcentre 238; Workcentre 232
Vendor: CVE Published:; 13 October 2006

Summary

The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname."

References

http://secunia.com/advisories/22252

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/20334/info

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/29357

vdb-entryx_refsource_XF

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 13, 2006
Vulnerability Reserved
Oct 13, 2006