CVE-2019-10880

Name of the Vulnerable Software and Affected Versions XEROX products (affected versions not specified)

Description A remote command execution issue exists, allowing an attacker to execute commands on the Linux system as the nobody user through a crafted HTTP request. This is due to an OS Command Injection vulnerability in the HTTP interface. Depending on the configuration, authentication may not be required to exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.