Add printer detection coverage for Xerox AltaLink C8030

PBSH · September 1, 2025, 11:09am

OID 1.3.6.1.4.1.25623.1.0.103648 fails to detect the Xerox AltaLink C8030, while the type is mentioned in the same page which is queried already (/properties/configuration.php?tab=Status).

The page contains: <td id="productName">Xerox<sup>® </sup>AltaLink<sup>® </sup>C8030</td>

Therefore, I suggest to add somethling like this:

    # AltaLink C8030
    # <td id="productName">Xerox<sup>&reg; </sup>AltaLink<sup>&reg; </sup>C8030</td>
    url = "/properties/configuration.php?tab=Status";
    res = http_get_cache(port: port, item: url);
    vers = eregmatch(pattern: "<td id="productName">(?:.*?)([A-Z]+\d+)<\/td>", string: res);
    if (!isnull(vers[1])) {
      concl += '\n    ' + vers[0];
      conclUrl += '\n    ' + http_report_vuln_url(port: port, url: url, url_only: TRUE);
      set_kb_item(name: "xerox/printer/http/" + port + "/fw_version", value: vers[1]);
      set_kb_item(name: "xerox/printer/http/" + port + "/concluded", value: concl);
      set_kb_item(name: "xerox/printer/http/" + port + "/concludedUrl", value: conclUrl);
      exit(0);
    }

(Not tested)

ckuerste · September 16, 2025, 2:42am

Hi and sorry for the late reply!

Thanks a lot for the information. Much appreciated! I’ve created an internal issue to have a closer look!

Best regards

Christian

ckuerste · September 16, 2025, 3:50am

Hmm, strange. While looking into it I saw that AltaLink C8030 devices should actually be detected in general. E.g.

Detected Xerox Printer AltaLink C8030 Firmware

Version:       103.001.013.14100
Location:      /
CPE:           cpe:/o:xerox:altalink_c8030_firmware:103.001.013.14100

Detected AltaLink C8030

Location:      /
CPE:           cpe:/h:xerox:altalink_c8030

Detection methods:

HTTP(s) on port 443/tcp
  Concluded from version/product identification result:
    id="productName">Xerox<sup>&reg; </sup>AltaLink<sup>&reg; </sup>C8030</
    >Device Software Version:</td><td>103.001.013.14100</td>
  Concluded from version/product identification location:
    https://<redacted>/sitemap.php
    https://<redacted>/properties/configuration.php?tab=Status

As I understand you, the devices was not detected at all as a Xerox Altalink, right?

Is the /sitemap.php endpoint available on your device?

Best,

Christian

PBSH · September 16, 2025, 9:35am

Thank you for looking into this. That’s right.

/sitemap.php is available but doesn’t expose AltaLink or C8030.

/properties/configuration.php?tab=Status does but I don’t see the pattern recognition in the .nasl script.

Is your output from 1.3.6.1.4.1.25623.1.0.103648 version 2023-08-08T05:06:11+0000 ?

ckuerste · September 16, 2025, 9:44am

Alright. I think I got then the info needed for now. Will inform you again when the changes will be available. Thanks again for your input!

About the date: Yes, that’s the last changes done there.

Christian

ckuerste · September 18, 2025, 2:42am

The detection got now updated and should arrive in the feed in the next couple of days.

Note that 1.3.6.1.4.1.25623.1.0.103648 hasn’t been changed (the changes are in an include file) so the last modification date of that VT hasn’t been changed.

Let me know if this resolves this issue and thanks again for the provided info!

Christian

PBSH · September 19, 2025, 9:17am

Great, thank you very much! I’ll monitor this, verify, and get back to you.

system · November 30, 2025, 11:10am

This topic was automatically closed after 90 days. New replies are no longer allowed.