← Back

CVE-2006-5290

nvd nist
Published: Oct 13, 2006Modified: Apr 23, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname."

Affected (12)

Xerox
6 products
Workcentre 232
Workcentre 238
Workcentre 245
Workcentre 255
Workcentre 265
Workcentre 275
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Xerox
Workcentre 232
All versions
Workcentre 232
All versions
Xerox
Workcentre 238
All versions
Workcentre 238
All versions
Xerox
Workcentre 245
All versions
Workcentre 245
All versions
Xerox
Workcentre 255
All versions
Workcentre 255
All versions
Xerox
Workcentre 265
All versions
Workcentre 265
All versions
Xerox
Workcentre 275
All versions
Workcentre 275
All versions

References (12)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.