Vulnerabilities (CVE)

Filtered by vendor Zebra Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-4957 1 Zebra 2 Zt410, Zt410 Firmware 2024-11-21 N/A 5.4 MEDIUM
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.
CVE-2022-36443 1 Zebra 1 Enterprise Home Screen 2024-11-21 N/A 7.8 HIGH
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction.
CVE-2022-36442 1 Zebra 1 Enterprise Home Screen 2024-11-21 N/A 5.5 MEDIUM
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK.
CVE-2022-36441 1 Zebra 1 Enterprise Home Screen 2024-11-21 N/A 7.1 HIGH
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by the admin.
CVE-2021-32089 1 Zebra 2 Fx9500, Fx9500 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to information disclosure and code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2020-10875 1 Zebra 2 Fx9500, Fx9500 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp.
CVE-2019-10960 1 Zebra 16 220xi4, 220xi4 Firmware, Zt220 and 13 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the printer and the printer will respond with an array of information that includes the front panel passcode for the printer. Once the passcode is retrieved, an attacker must have physical access to the front panel of the printer to enter the passcode to access the full functionality of the front panel.