VDB
WID-SEC-W-2023-2031
WID-SEC-W-2023-2031
PUBLISHED
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox FreeFlow Print Server v9 | ||
| Xerox FreeFlow Print Server v7 for Solaris | ||
| Xerox FreeFlow Print Server v2 | ||
| Amazon Linux 2 | ||
| Gentoo Linux |
Exploit Intelligence
- baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability (github-poc-repo)
- This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Windows Error Reporting (WER) component. (github-poc-repo)
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability. (github-poc-repo)
- BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use (github-poc-repo)
- CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability. (github-poc-repo)
- English translation (github-poc-repo)
- helleflo1312/Orchestrated-Powershell-for-CVE-2023-24932 (github-poc-repo)
- A comprehensive collection of 12 containerized web exploitation challenges covering CVE-2023-25690, WebAuthn bypasses, HTTP/3 smuggling, and advanced XSS/RCE chains (github-poc-repo)
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit (github-poc)
- #comeonits2023 #ie9 #Storm-0978 (github-poc)
…and 84 more exploits
Timeline
- Jul 2, 2021 PoC Published
- Aug 9, 2023 CVE Published
- Sep 23, 2023 PoC Published
- Aug 8, 2024 CVE Updated
- Feb 13, 2025 PoC Published
- May 21, 2025 PoC Published
- Aug 10, 2025 PoC Published
- Feb 14, 2026 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2031.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2031 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-011_FFPSv7-S11_MediaInstall_Aug2023.pdf url
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-012_FFPSv2_Win10_SecurityBulletin_Aug2023.pdf url
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/08/Xerox-Security-Bulletin-XRX23-013-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf url
- https://alas.aws.amazon.com/AL2/ALAS-2023-2331.html url
- https://security.gentoo.org/glsa/202408-17 url