Xerox Security Bulletin XRX11-001 (PDF 89.7K)

A command injection vulnerability exists in the Web Server of the WorkCentre 7655/7665/7675. If exploited, the vulnerability could allow remote attackers to execute arbitrary code via carefully crafted inputs on the affected web page. Customer and user passwords are not exposed. A software solution (patch P45) is provided for the WorkCentre 7655/7665/7675.