Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-10
Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-03-09
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-03-06
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-03-06
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-02-13
Various Lexmark products have an Integer Overflow.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-28
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-08-28
Various Lexmark products have a Buffer Overflow (issue 2 of 3).
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-28
Various Lexmark products have a Buffer Overflow (issue 3 of 3).
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-28
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-08-28