Unauthorized File Deletion Vulnerability in Xerox AltaLink Printers

Unauthorized File Deletion Vulnerability in Xerox AltaLink Printers

CVE-2021-28670 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 before 103.001.030.32000, C8045/C8055 before 103.002.030.32000 and C8070 before 103.003.030.32000 allow unauthorized users, by leveraging the Scan To Mailbox feature, to delete arbitrary files from the disk.

Learn more about our User Device Pen Test.