FlagThis

Rapid7 researchers have discovered vulnerabilities in Xerox VersaLink C7025 Multifunction printers (MFPs). These flaws enable attackers to capture authentication credentials via pass-back attacks through Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB/FTP) services. Exploiting these vulnerabilities allows malicious actors to intercept authentication credentials, leading to credential theft and lateral attacks within enterprise networks, highlighting the need for security.