mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
817 B
817 B
CVE-2019-19832
Description
Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)
POC
Reference
- http://packetstormsecurity.com/files/155709/Xerox-AltaLink-C8035-Printer-Cross-Site-Request-Forgery.html
- http://packetstormsecurity.com/files/155709/Xerox-AltaLink-C8035-Printer-Cross-Site-Request-Forgery.html
Github
No PoCs found on GitHub currently.