CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6427

The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/23265
http://securitytracker.com/id?1017337
http://www.securityfocus.com/bid/21365
http://www.vupen.com/english/advisories/2006/4791
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30674
http://secunia.com/advisories/23265
http://securitytracker.com/id?1017337
http://www.securityfocus.com/bid/21365
http://www.vupen.com/english/advisories/2006/4791
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30674

Products affected by CVE-2006-6427

Xerox » Workcentre » Version: 12.060.17.000

cpe:2.3:h:xerox:workcentre:12.060.17.000
Xerox » Workcentre » Version: 13.060.17.000

cpe:2.3:h:xerox:workcentre:13.060.17.000
Xerox » Workcentre » Version: 14.060.17.000

cpe:2.3:h:xerox:workcentre:14.060.17.000

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6427

Products

Pricing

Contact Us