CVE-2023-22960
Description
Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency.
NVD
Severity: HIGH
CVE ID: CVE-2023-22960
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Proof Of Concept
t3l3machus
This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.
Refrence: GitHub
k0mi-tg
Refrence: GitHub