Fuji Xerox ColorQube 8580DN Printer

Platform Information https://www.cnet.com/products/xerox-colorqube-8580-dn-printer-color-solid-ink/
Search Engine Search on Google
End of Sales -
End of Support -
Wired Connection Yes
Wireless Connection -
Fingerprinting Source HTTPS NIC VENDOR
Added at May 14, 2019
Manufacturer Name Fuji Xerox Co., Ltd.
Homepage http://www.fujixerox.com/eng/
Headquarters Japan
Business Status Ongoing

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2018-15530
05/13/2019
MEDIUM
MEDIUM
Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2019-10880
04/12/2019
CRITICAL
HIGH
Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.
CVE-2018-20771
02/10/2019
CRITICAL
HIGH
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution.
CVE-2018-20770
02/10/2019
CRITICAL
HIGH
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection.
CVE-2018-20769
02/10/2019
HIGH
MEDIUM
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability.
CVE-2018-20768
02/10/2019
CRITICAL
HIGH
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.