CVE-2018-15530: XEROX COLORQUBE, XSS IN WEB INTERFACE

Our team of security researchers has identified a cross-site scripting (XSS) vulnerability in the web interface of the Xerox ColorQube 8580. Most likely other printers are affected too.

This vulnerability can be exploited by printing a document with a specially crafted filename (the PostScript filename in the job metadata) on the printer, either via USB or over the network, so it can be exploited remotely. The consequences range from session hijacking to defacing of the job accounting overview. Exploitation requires user interaction: the injected script only runs when the victim accesses "/UE/jobaccountingbrowse.html".
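To make the defect class concrete, the following is an added Python example (not code from the advisory or from Xerox) that models a job-accounting page which takes the job name from the PostScript DSC `%%Title:` comment and renders it into HTML. The vulnerable renderer interpolates the name verbatim; the fixed renderer HTML-escapes it, and a small detection helper flags job names carrying HTML metacharacters. The `%%Title:` source, the table layout and the sample job headers are assumptions constructed for illustration, not details taken from the ColorQube firmware.

```python
import html
import re
from typing import List

# Constructed PostScript job headers. The assumption (not confirmed by the
# advisory) is that the job-accounting page displays the DSC "%%Title:" value
# as the job name.
BENIGN_JOB = b"""%!PS-Adobe-3.0
%%Title: quarterly-report.ps
%%Creator: constructed-sample
%%Pages: 3
%%EndComments
showpage
"""

CRAFTED_JOB = b"""%!PS-Adobe-3.0
%%Title: <script>alert(1)</script>
%%Creator: constructed-sample
%%Pages: 1
%%EndComments
showpage
"""

_TITLE_RE = re.compile(rb"^%%Title:\s*(.*?)\s*$", re.MULTILINE)


def job_name_from_postscript(data: bytes) -> str:
    """Extract the DSC %%Title value; fall back to 'untitled' when absent."""
    m = _TITLE_RE.search(data)
    return m.group(1).decode("latin-1") if m else "untitled"


def render_row_vulnerable(job_name: str, user: str) -> str:
    # The defect class the advisory describes: untrusted job metadata is
    # written into the page verbatim, so markup in the name becomes markup
    # in the job accounting overview.
    return f"<tr><td>{user}</td><td>{job_name}</td></tr>"


def render_row_fixed(job_name: str, user: str) -> str:
    # Fix: HTML-escape every untrusted field rendered in element context.
    return f"<tr><td>{html.escape(user)}</td><td>{html.escape(job_name)}</td></tr>"


def render_page(jobs: List[bytes], user: str, escape: bool) -> str:
    """Render the (hypothetical) job accounting table for a list of raw jobs."""
    rows = []
    for data in jobs:
        name = job_name_from_postscript(data)
        rows.append(render_row_fixed(name, user) if escape else render_row_vulnerable(name, user))
    return "<table>" + "".join(rows) + "</table>"


_HTML_META = set('<>"\'&')


def flag_suspicious_job_names(jobs: List[bytes]) -> List[str]:
    """Detection helper: job names containing HTML metacharacters, which a
    legitimate print filename almost never has, are worth logging or alerting on."""
    names = (job_name_from_postscript(j) for j in jobs)
    return [n for n in names if _HTML_META & set(n)]


if __name__ == "__main__":
    print(render_page([BENIGN_JOB, CRAFTED_JOB], "alice", escape=False))
    print(render_page([BENIGN_JOB, CRAFTED_JOB], "alice", escape=True))
    print(flag_suspicious_job_names([BENIGN_JOB, CRAFTED_JOB]))
```

Escaping at the point of output is the durable fix; the metacharacter check is only a monitoring aid, since a job name with legitimate `&` characters would also trip it.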

Proof of Concept

The Proof of Concept can be downloaded here and can simply be printed on the printer.

Affected

Updates