This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Lexmark First view 2022-01-20
Product mx331 Firmware Last view 2023-01-23
Version * Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:lexmark:mx331_firmware

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2023-01-23 CVE-2023-23560

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.
7.5 2023-01-23 CVE-2023-22960

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
8.1 2022-08-26 CVE-2022-29850

Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.
9.8 2022-01-20 CVE-2021-44738

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.
8.8 2022-01-20 CVE-2021-44737

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.
9.8 2022-01-20 CVE-2021-44735

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
9.8 2022-01-20 CVE-2021-44734

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.

CWE : Common Weakness Enumeration

%idName
14% (1) CWE-668 Exposure of Resource to Wrong Sphere
14% (1) CWE-307 Improper Restriction of Excessive Authentication Attempts
14% (1) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
14% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
14% (1) CWE-77 Improper Sanitization of Special Elements used in a Command ('Comma...
14% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
14% (1) CWE-20 Improper Input Validation