CVE-2006-5290: Command Injection
First published: Fri Oct 13 2006(Updated: )
The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox Workcentre 255 | ||
| Xerox Workcentre 245 | ||
| Xerox Workcentre 238 | ||
| Xerox Workcentre 232 | ||
| Xerox Workcentre 232 | ||
| Xerox Workcentre 265 | ||
| Xerox Workcentre 245 | ||
| Xerox Workcentre 238 | ||
| Xerox Workcentre 275 | ||
| Xerox Workcentre 255 | ||
| Xerox Workcentre 275 | ||
| Xerox Workcentre 265 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/xerox
- canonical/xerox workcentre 255
- canonical/xerox workcentre 245
- canonical/xerox workcentre 238
- canonical/xerox workcentre 232
- canonical/xerox workcentre 265
- canonical/xerox workcentre 275