ID
VAR-E-201203-0962
TITLE
Multiple Xerox Devices Multiple Remote Code Execution Vulnerabilities
Trust: 0.3
DESCRIPTION
Multiple Xerox devices are prone to multiple remote code-execution vulnerabilities.
An attacker can exploit these issues to execute arbitrary code in the context of the affected application. Successful exploitation can completely compromise the vulnerable device.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | xerox | model: | workcentre pro color | scope: | eq | version: | 3545 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro color | scope: | eq | version: | 2636 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro color | scope: | eq | version: | 2128 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 90 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 75 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 65 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 55 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 45 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro color | scope: | eq | version: | 40 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 35 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro color | scope: | eq | version: | 32 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 2750 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 2550 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 2450 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 2380 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 175 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 165 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 265 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre pro | scope: | eq | version: | 232 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m55 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m45 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m35 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m175 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m165 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre bookmark | scope: | eq | version: | 55 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre bookmark | scope: | eq | version: | 40 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 76750 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 76650 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 76550 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m20i | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre m20 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7775 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7765 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7755 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7556 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7545 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7535 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7530 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7525 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7435 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7428 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7425 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7346 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7345 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7335 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7328 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7245 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7242 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7235 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7232 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7228 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7132 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7125 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 7120 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 6400 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5675 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5665 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5655 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5645 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5638 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5632 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5335 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5330 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5325 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5230 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5225 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5222 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5150 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5135 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5050 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 5030 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 4260 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 4250 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 4150 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 4118 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 3550 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 3220 | Trust: 0.3 |
| vendor: | xerox | model: | workcentre | scope: | eq | version: | 3210 | Trust: 0.3 |
| vendor: | xerox | model: | phaser 8860mfp | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 88600 | Trust: 0.3 |
| vendor: | xerox | model: | phaser 8560mfp | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 85600 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 85500 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 78000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 77600 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 75000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 74000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 63600 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 63500 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 55500 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 46200 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 46000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 45100 | Trust: 0.3 |
| vendor: | xerox | model: | phaser 3635mfp | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 36000 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 34350 | Trust: 0.3 |
| vendor: | xerox | model: | phaser 3300mfp | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | xerox | model: | phaser | scope: | eq | version: | 32500 | Trust: 0.3 |
| vendor: | xerox | model: | phaser 3160n | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9303 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9302 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9301 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9203 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9202 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 9201 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 8870 | Trust: 0.3 |
| vendor: | xerox | model: | colorqube | scope: | eq | version: | 8570 | Trust: 0.3 |
EXPLOIT
The following metasploit module is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/52483.rb">/data/vulnerabilities/exploits/52483.rb</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Boundary Condition Error
Trust: 0.3
CREDITS
The vendor reported these issues.
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 52483 | Trust: 0.3 |
REFERENCES
| url: | http://seclists.org/fulldisclosure/2016/apr/91 | Trust: 0.3 |
| url: | http://h.foofus.net/goons/percx/xerox_hack.pdf | Trust: 0.3 |
| url: | http://www.xerox.com/download/security/security-bulletin/1284332-2ddc5-4baa79b70ac40/cert_xrx12-003_v1.1.pdf | Trust: 0.3 |
| url: | https://www.rapid7.com/db/modules/exploit/unix/misc/xerox_mfp | Trust: 0.3 |
| url: | http://www.xerox.com | Trust: 0.3 |
SOURCES
| db: | BID | id: | 52483 |
LAST UPDATE DATE
2022-07-27T09:59:01.958000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 52483 | date: | 2016-07-06T14:33:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 52483 | date: | 2012-03-14T00:00:00 |