CVE-2023-26067

HIGH EXPLOITED NUCLEI

Lexmark <2023-02-19 - Info Disclosure

Title source: llm

Description

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4).

Exploits (2)

nomisec WORKING POC 28 stars
by horizon3ai · remote
https://github.com/horizon3ai/CVE-2023-26067
metasploit WORKING POC EXCELLENT
by James Horseman, Zach Hanley, jheysel-r7 · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/lexmark_faxtrace_settings.rb

Nuclei Templates (1)

Lexmark Printers - Command Injection
HIGHVERIFIEDby DhiyaneshDK
Shodan: Server: Lexmark_Web_Server || server: lexmark_web_server

References (3)

Scores

CVSS v3 8.1
EPSS 0.9300
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-12-04
CWE
CWE-20
Status published
Products (26)
lexmark/cslbl_firmware < cslbl.081.232
lexmark/cslbn_firmware < cslbn.081.232
lexmark/csnzj_firmware < csnzj.081.232
lexmark/cstat_firmware < cstat.081.233
lexmark/cstmh_firmware < cstmh.081.233
lexmark/cstpc_firmware < cstpc.081.232
lexmark/cxlbl_firmware < cxlbl.081.232
lexmark/cxlbn_firmware < cxlbn.081.232
lexmark/cxnzj_firmware < cxnzj.081.232
lexmark/cxtat_firmware < cxtat.081.233
... and 16 more
Published Apr 10, 2023
Tracked Since Feb 18, 2026