In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation.

Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.

Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots.

PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.

Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.

Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.

Buffer overflow vulnerability has been identified in Lexmark devices through 2021-12-07 in postscript interpreter.

Various Lexmark devices have a Buffer Overflow (issue 2 of 2).

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful exploit could allow the attacker to take control over the outdoor unit.

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on a certain port. After accessing the network between the indoor and outdoor units of the CPE, an attacker can deliver commands to the specific port of the outdoor unit and execute them without authentication. Successful exploit could allow the attacker to take control over the outdoor unit.