Lexmark: Security Vulnerabilities
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.704
Published
2020-01-27
Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.081
Published
2020-01-27
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
CVSS Score
7.5
EPSS Score
0.188
Published
2019-11-21
Various Lexmark products have an Integer Overflow.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-28
Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-08-28
Various Lexmark products have a Buffer Overflow (issue 2 of 3).
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-28
Various Lexmark products have a Buffer Overflow (issue 3 of 3).
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-28
Various Lexmark products have CSRF.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-08-28
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-08-28
Various Lexmark products have Incorrect Access Control (issue 2 of 2).
CVSS Score
5.3
EPSS Score
0.002
Published
2019-08-28