Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-18894

Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server.

Published

2020-03-10T13:15:12.330

Last Modified

2024-11-21T03:56:50.427

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	lexmark	6500e_firmware	< lhs60.jr.p683	Yes
Hardware	lexmark	6500e	-	No
Operating System	lexmark	c748_firmware	< lhs60.cm4.p683	Yes
Hardware	lexmark	c748	-	No
Operating System	lexmark	c79x_firmware	< lhs60.hc.p683	Yes
Hardware	lexmark	c79x	-	No
Operating System	lexmark	c925_firmware	< lhs60.hv.p683	Yes
Hardware	lexmark	c925	-	No
Operating System	lexmark	c95x_firmware	< lhs60.tp.p683	Yes
Hardware	lexmark	c95x	-	No
Operating System	lexmark	cs41x_firmware	< lw71.vy2.p216	Yes
Hardware	lexmark	cs41x	-	No
Operating System	lexmark	cs51x_firmware	< lw71.vy4.p216	Yes
Hardware	lexmark	cs51x	-	No
Operating System	lexmark	cs748_firmware	≤ lhs60.cm4.p683	Yes
Hardware	lexmark	cs748	-	No
Operating System	lexmark	cs796_firmware	< lhs60.hc.p683	Yes
Hardware	lexmark	cs796	-	No
Operating System	lexmark	cx410_firmware	< lw71.gm4.p216	Yes
Hardware	lexmark	cx410	-	No
Operating System	lexmark	cx510_firmware	< lw71.gm7.p216	Yes
Hardware	lexmark	cx510	-	No
Operating System	lexmark	m3150_firmware	< lw71.pr4.p216	Yes
Hardware	lexmark	m3150	-	No
Operating System	lexmark	m5155_firmware	< lw71.dn4.p216	Yes
Hardware	lexmark	m5155	-	No
Operating System	lexmark	m5163_firmware	< lw71.dn4.p216	Yes
Hardware	lexmark	m5163	-	No
Operating System	lexmark	m5170_firmware	< lw71.dn7.p216	Yes
Hardware	lexmark	m5170	-	No
Operating System	lexmark	ms610de_firmware	< lw71.pr4.p216	Yes
Hardware	lexmark	ms610de	-	No
Operating System	lexmark	ms610dte_firmware	< lw71.pr4.p216	Yes
Hardware	lexmark	ms610dte	-	No
Operating System	lexmark	ms810de_firmware	< lw71.dn4.p216	Yes
Hardware	lexmark	ms810de	-	No
Operating System	lexmark	ms812de_firmware	< lw71.dn7.p216	Yes
Hardware	lexmark	ms812de	-	No
Operating System	lexmark	ms91x_firmware	< lw71.sa.p216	Yes
Hardware	lexmark	ms91x	-	No
Operating System	lexmark	mx410_firmware	< lw71.sb4.p216	Yes
Hardware	lexmark	mx410	-	No
Operating System	lexmark	mx510_firmware	< lw71.sb4.p216	Yes
Hardware	lexmark	mx510	-	No
Operating System	lexmark	mx511_firmware	< lw71.sb4.p216	Yes
Hardware	lexmark	mx511	-	No
Operating System	lexmark	mx610_firmware	< lw71.sb7.p216	Yes
Hardware	lexmark	mx610	-	No
Operating System	lexmark	mx611_firmware	< lw71.sb7.p216	Yes
Hardware	lexmark	mx611	-	No
Operating System	lexmark	mx6500e_firmware	≤ lw71.jd.p216	Yes
Hardware	lexmark	mx6500e	-	No
Operating System	lexmark	mx71x_firmware	< lw71.tu.p216	Yes
Hardware	lexmark	mx71x	-	No
Operating System	lexmark	mx81x_firmware	< lw71.tu.p216	Yes
Hardware	lexmark	mx81x	-	No
Operating System	lexmark	mx91x_firmware	< lw71.mg.p216	Yes
Hardware	lexmark	mx91x	-	No
Operating System	lexmark	sm91x_firmware	< lw71.mg.p216	Yes
Hardware	lexmark	sm91x	-	No
Operating System	lexmark	x46x_firmware	< lr.bs.p810	Yes
Hardware	lexmark	x46x	-	No
Operating System	lexmark	x548_firmware	< lhs60.vk.p683	Yes
Hardware	lexmark	x548	-	No
Operating System	lexmark	x65x_firmware	< lr.mn.p810	Yes
Hardware	lexmark	x65x	-	No
Operating System	lexmark	x73x_firmware	< lr.fl.p810	Yes
Hardware	lexmark	x73x	-	No
Operating System	lexmark	x74x_firmware	< lhs60.ny.p683	Yes
Hardware	lexmark	x74x	-	No
Operating System	lexmark	x792_firmware	< lhs60.mr.p683	Yes
Hardware	lexmark	x792	-	No
Operating System	lexmark	x86x_firmware	< lr.sp.p810	Yes
Hardware	lexmark	x86x	-	No
Operating System	lexmark	x925_firmware	< lhs60.hk.p683	Yes
Hardware	lexmark	x925	-	No
Operating System	lexmark	x95x_firmware	< lhs60.tq.p683	Yes
Hardware	lexmark	x95x	-	No
Operating System	lexmark	xc2132_firmware	< lw71.gm7.p216	Yes
Hardware	lexmark	xc2132	-	No
Operating System	lexmark	xm1145_firmware	< lw71.sb4.p216	Yes
Hardware	lexmark	xm1145	-	No
Operating System	lexmark	xm3150_firmware	< lw71.sb7.p216	Yes
Hardware	lexmark	xm3150	-	No
Operating System	lexmark	xm51xx_firmware	< lw71.tu.p216	Yes
Hardware	lexmark	xm51xx	-	No
Operating System	lexmark	xm71xx_firmware	< lw71.tu.p216	Yes
Hardware	lexmark	xm71xx	-	No
Operating System	lexmark	xs478_firmware	< lhs60.ny.p683	Yes
Hardware	lexmark	xs478	-	No
Operating System	lexmark	xs548_firmware	< lhs60.vk.p683	Yes
Hardware	lexmark	xs548	-	No
Operating System	lexmark	xs79x_firmware	< lhs60.mr.p683	Yes
Hardware	lexmark	xs79x	-	No
Operating System	lexmark	xs925_firmware	< lhs60.hk.p683	Yes
Hardware	lexmark	xs925	-	No
Operating System	lexmark	xs95x_firmware	< lhs60.tq.p683	Yes
Hardware	lexmark	xs95x	-	No

References

http://support.lexmark.com/alerts Vendor Advisory ([email protected])
http://support.lexmark.com/index?page=content&id=TE906&locale=EN&userlocale=EN_US Vendor Advisory ([email protected])
http://support.lexmark.com/alerts Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.lexmark.com/index?page=content&id=TE906&locale=EN&userlocale=EN_US Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)