Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-29T21:23:30

Updated: 2024-08-06T03:47:34.938Z

Reserved: 2020-04-29T00:00:00

Link: CVE-2016-11061

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-04-29T22:15:11.810

Modified: 2024-11-21T02:45:24.550

Link: CVE-2016-11061

cve-icon Redhat

No data.