Vulnerabilities (CVE)

Filtered by vendor Xerox Subscribe

Filtered by product Altalink C8035 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10881	1 Xerox	20 Altalink B8045, Altalink B8045 Firmware, Altalink B8055 and 17 more	2021-04-23	7.5 HIGH	9.8 CRITICAL
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.
CVE-2021-28668	1 Xerox	20 Altalink B8045, Altalink B8045 Firmware, Altalink B8055 and 17 more	2021-04-01	7.5 HIGH	9.8 CRITICAL
Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.
CVE-2021-28670	1 Xerox	20 Altalink B8045, Altalink B8045 Firmware, Altalink B8055 and 17 more	2021-04-01	6.4 MEDIUM	9.1 CRITICAL
Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.32000 and C8070 before 103.003.030.32000 allow unauthorized users, by leveraging the Scan To Mailbox feature, to delete arbitrary files from the disk.
CVE-2018-17172	1 Xerox	20 Altalink B8045, Altalink B8045 Firmware, Altalink B8055 and 17 more	2019-10-03	7.5 HIGH	9.8 CRITICAL
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.