Show filters
10 Total Results
Displaying 1-10 of 10
Sort by:
Attacker Value
Unknown
CVE-2024-54335
Disclosure Date: December 13, 2024 (last updated December 18, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZebraSoft Monaco ImmoToolBox Connect allows Reflected XSS.This issue affects ImmoToolBox Connect: from n/a through 1.3.3.
0
Attacker Value
Unknown
CVE-2024-3125
Disclosure Date: April 01, 2024 (last updated April 11, 2024)
A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258868. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2023-4957
Disclosure Date: October 11, 2023 (last updated October 17, 2023)
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.
0
Attacker Value
Unknown
CVE-2022-36443
Disclosure Date: January 10, 2023 (last updated October 08, 2023)
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction.
0
Attacker Value
Unknown
CVE-2022-36442
Disclosure Date: January 10, 2023 (last updated October 08, 2023)
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK.
0
Attacker Value
Unknown
CVE-2022-36441
Disclosure Date: January 10, 2023 (last updated October 08, 2023)
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by the admin.
0
Attacker Value
Unknown
CVE-2021-32089
Disclosure Date: May 11, 2021 (last updated February 22, 2025)
An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to information disclosure and code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
0
Attacker Value
Unknown
CVE-2020-10875
Disclosure Date: March 23, 2020 (last updated February 21, 2025)
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp.
0
Attacker Value
Unknown
CVE-2019-10960
Disclosure Date: August 20, 2019 (last updated November 27, 2024)
Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the printer and the printer will respond with an array of information that includes the front panel passcode for the printer. Once the passcode is retrieved, an attacker must have physical access to the front panel of the printer to enter the passcode to access the full functionality of the front panel.
0
Attacker Value
Unknown
CVE-2007-1010
Disclosure Date: February 21, 2007 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in ZebraFeeds 1.0, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the zf_path parameter to (1) aggregator.php and (2) controller.php in newsfeeds/includes/.
0