Weak points in the UTAX P-C2655wMFP system
30 August 2019

Potential impacts on security:
XSS, CSRF, Path Traversal, Broken Access Control, Potential Buffer Overflow

Summary of weak points: 
Potential weaknesses in the UTAX P-C2655wMFP system have been identified. The vulnerabilities can be exploited to carry out cross-site scripting (XSS), cross-site request forgery (CSRF), path traversal, broken access control, or buffer overflow attacks.

Reference numbers:
CVE-2019-13195, CVE-2019-13196, CVE-2019-13197, CVE-2019-13198, CVE-2019-13199, CVE-2019-13200, CVE-2019-13201, CVE-2019-13202, CVE-2019-13203, CVE-2019-13204, CVE-2019-13205, CVE-2019-13206

Acknowledgement:
UTAX GmbH would like to thank the NCC Group for reporting these vulnerabilities as it helps our company to optimise product security.

Affected product and software update:Please use the software version below, which fixes the security vulnerabilities. For more information on how to install the updated software, please contact systemsupport@triumph-adler.net.