CVE-2013-6362
CRITICALXerox ColorCube and WorkCenter Firmware - Use of Hard-coded Credentials
Title source: llmDescription
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
http://firmware.re/usenixsec14/
Exploit, Vendor Advisory x_refsource_misc
http://firmware.re/vulns/acsa-2013-005.php
Scores
CVSS v3
9.8
EPSS
0.0118
EPSS Percentile
63.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (12)
xerox/colorqube_9201_firmware
2013
xerox/colorqube_9202_firmware
2013
xerox/colorqube_9203_firmware
2013
xerox/workcentre_6400_firmware
2013
xerox/workcentre_7525_firmware
2013
xerox/workcentre_7530_firmware
2013
xerox/workcentre_7535_firmware
2013
xerox/workcentre_7545_firmware
2013
xerox/workcentre_7556_firmware
2013
xerox/workcentre_7755_firmware
2013
... and 2 more
Published
Feb 13, 2020
Tracked Since
Feb 18, 2026