Vulnerability Description
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Workcentre | 12.060.17.000 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/23265Vendor Advisory
- http://securitytracker.com/id?1017337Vendor Advisory
- http://www.securityfocus.com/bid/21365
- http://www.vupen.com/english/advisories/2006/4791Vendor Advisory
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdfPatch
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30674
- http://secunia.com/advisories/23265Vendor Advisory
- http://securitytracker.com/id?1017337Vendor Advisory
- http://www.securityfocus.com/bid/21365
- http://www.vupen.com/english/advisories/2006/4791Vendor Advisory
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdfPatch
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30674
FAQ
What is CVE-2006-6427?
CVE-2006-6427 is a vulnerability with a CVSS score of 7.5 (HIGH). The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via u...
How severe is CVE-2006-6427?
CVE-2006-6427 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6427?
Check the references section above for vendor advisories and patch information. Affected products include: Xerox Workcentre.