CVE-2016-11061

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.

Published: Apr 30, 2020
Updated: Apr 13, 2023
CVE: CVE-2016-11061
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
xerox / workcentre_3655_firmware	-	073.060.086.15410
xerox / workcentre_3655i_firmware	-	073.060.086.15410
xerox / workcentre_5865_firmware	-	073.190.086.15410
xerox / workcentre_5875_firmware	-	073.190.086.15410
xerox / workcentre_5890_firmware	-	073.190.086.15410
xerox / workcentre_5865i_firmware	-	073.190.086.15410
xerox / workcentre_5875i_firmware	-	073.190.086.15410
xerox / workcentre_5890i_firmware	-	073.190.086.15410
xerox / workcentre_5945_firmware	-	073.091.086.15410
xerox / workcentre_5955_firmware	-	073.091.086.15410
xerox / workcentre_5945i_firmware	-	073.091.086.15410
xerox / workcentre_5955i_firmware	-	073.091.086.15410
xerox / workcentre_6655_firmware	-	073.110.086.15410
xerox / workcentre_6655i_firmware	-	073.110.086.15410
xerox / workcentre_7200_firmware	-	073.030.086.15410
xerox / workcentre_7200i_firmware	-	073.030.086.15410
xerox / workcentre_7225i_firmware	-	073.030.086.15410
xerox / workcentre_7830_firmware	-	073.010.086.15410
xerox / workcentre_7835_firmware	-	073.010.086.15410
xerox / workcentre_7845_firmware	-	073.010.086.15410
xerox / workcentre_7855_firmware	-	073.010.086.15410
xerox / workcentre_7970_firmware	-	073.200.086.15410
xerox / workcentre_7970i_firmware	-	073.200.086.15410
xerox / workcentre_7225_firmware	-	073.030.086.15410
xerox / workcentre_7220_firmware	-	073.030.086.15410

https://securitydocs.business.xerox.com/wp-content/uploads/2016/10/cert_Mini_Security_Bulletin_XRX16Q_for_ConnectKey_R16-05_v1-1-2.pdf

Vulnerability Database

289,599

CVE-2016-11061