WID-SEC-W-2022-1335
PUBLISHED
FreeFlow Print Server is a print server application for Xerox production printers that offers flexibility, extensive workflow options, and color management.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | FreeFlow Print Server 9 | |
| Xerox | FreeFlow Print Server v9 | |
| Xerox | FreeFlow Print Server 7 | |
Exploit Intelligence
- CVE-2021-30809 UAF use-after-free PoC (github-poc-repo)
- CVE-2021-44142 vulnerable lab (github-poc-repo)
- CVE-2022-22620: Use-after-free in Safari (github-poc-repo)
- YouShengLiu/CVE-2022-23773-Reproduce (github-poc-repo)
- This repo reproduces an XSS attack on Django 4.0.1 (see CVE-2022-22818) (github-poc-repo)
- jeongjunsoo/CVE-2022-0778 (github-poc-repo)
- Benasin/CVE-2022-22720 (github-poc-repo)
- A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely. (github-poc-repo)
- AlexanderZinoni/CVE-2022-21449 (github-poc-repo)
- Reappear-CVE-2022-21449-TLS-PoC (github-poc-repo)
…and 77 more exploits
Timeline
- Apr 22, 2022 PoC Published
- Sep 7, 2022 CVE Published
- May 18, 2023 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1335.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1335 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf url
- https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf url
- https://securitydocs.business.xerox.com/wp-content/uploads/2022/09/Xerox-Security-Bulletin-XRX22-021-FreeFlow-Print-Server-v9.pdf url