Multiple Xerox printers (EC80xx, AltaLink, VersaLink, WorkCentre) were affected by an authenticated remote code execution vulnerability which allowed an attacker with administrative web credentials to fully compromise the devices with root privileges on the operating system.
there were even two more unauthenticated RCE and authentication bypass issues found, Xerox already patched those in the past, but did not mention them in their security notes? 🤔
