CVE-2006-5290

The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname."
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*
cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:*

History

21 Nov 2024, 00:18

Type Values Removed Values Added
References () http://secunia.com/advisories/22252 - Patch, Vendor Advisory () http://secunia.com/advisories/22252 - Patch, Vendor Advisory
References () http://securitytracker.com/id?1016981 - () http://securitytracker.com/id?1016981 -
References () http://www.securityfocus.com/bid/20334/info - Patch () http://www.securityfocus.com/bid/20334/info - Patch
References () http://www.vupen.com/english/advisories/2006/3921 - () http://www.vupen.com/english/advisories/2006/3921 -
References () http://www.xerox.com/downloads/usa/en/c/cert_XRX06_005.pdf - Patch () http://www.xerox.com/downloads/usa/en/c/cert_XRX06_005.pdf - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29357 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/29357 -

Information

Published : 2006-10-13 20:07

Updated : 2024-11-21 00:18


NVD link : CVE-2006-5290

Mitre link : CVE-2006-5290

CVE.ORG link : CVE-2006-5290


JSON object : View

Products Affected

xerox

  • workcentre_265
  • workcentre_232
  • workcentre_245
  • workcentre_275
  • workcentre_238
  • workcentre_255