Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and compromise the...
6.5CVSS
6.5AI Score
0.0004EPSS
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
0.0004EPSS
Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...
6.1CVSS
0.0004EPSS
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
6.6AI Score
0.0004EPSS
Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...
6.1CVSS
6AI Score
0.0004EPSS
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult...
6.2CVSS
0.0004EPSS
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult...
6.2CVSS
6.5AI Score
0.0004EPSS
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
6.6AI Score
0.0004EPSS
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
0.0004EPSS
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference...
7.4CVSS
7.5AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.7CVSS
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.7CVSS
7.5AI Score
0.0004EPSS
CVE-2024-27170 Hardcoded credentials for WebDAV access
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference...
7.4CVSS
6.8AI Score
0.0004EPSS
CVE-2024-27170 Hardcoded credentials for WebDAV access
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
CVE-2024-27169 Lack of authentication
Toshiba printers provides API without authentication for internal access. A local attacker can bypass authentication in applications, providing administrative access. As for the affected products/models/versions, see the reference...
8.4CVSS
0.0004EPSS
CVE-2024-27169 Lack of authentication
Toshiba printers provides API without authentication for internal access. A local attacker can bypass authentication in applications, providing administrative access. As for the affected products/models/versions, see the reference...
8.4CVSS
7.1AI Score
0.0004EPSS
CVE-2024-27167 Insecure permissions
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
CVE-2024-27167 Insecure permissions
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference...
7.4CVSS
6.7AI Score
0.0004EPSS
CVE-2024-27166 Insecure permissions
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
CVE-2024-27166 Insecure permissions
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference...
7.4CVSS
6.8AI Score
0.0004EPSS
CVE-2024-27165 Local Privilege Escalation
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference...
7.8CVSS
6.9AI Score
0.0004EPSS
CVE-2024-27165 Local Privilege Escalation
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference...
7.8CVSS
0.0004EPSS
CVE-2024-27164 Hardcoded credentials
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference...
7.1CVSS
0.0004EPSS
CVE-2024-27164 Hardcoded credentials
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference...
7.1CVSS
7AI Score
0.0004EPSS
CVE-2024-27163 Leak of admin password and passwords
Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and compromise the...
6.5CVSS
6.6AI Score
0.0004EPSS
CVE-2024-27163 Leak of admin password and passwords
Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and compromise the...
6.5CVSS
0.0004EPSS
Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...
6.1CVSS
0.0004EPSS
Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...
6.1CVSS
6.1AI Score
0.0004EPSS
CVE-2024-27161 Hardcoded password used to encrypt files
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult...
6.2CVSS
0.0004EPSS
CVE-2024-27161 Hardcoded password used to encrypt files
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other vulnerabilities and difficult...
6.2CVSS
7.2AI Score
0.0004EPSS
CVE-2024-27160 Hardcoded password used to encrypt logs and use of weak cipher
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
7.2AI Score
0.0004EPSS
CVE-2024-27160 Hardcoded password used to encrypt logs and use of weak cipher
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
0.0004EPSS
CVE-2024-27159 Hardcoded password used to encrypt logs
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
0.0004EPSS
CVE-2024-27159 Hardcoded password used to encrypt logs
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...
6.2CVSS
7.2AI Score
0.0004EPSS
CVE-2024-27158 Hardcoded root password
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference...
7.4CVSS
7AI Score
0.0004EPSS
CVE-2024-27158 Hardcoded root password
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
CVE-2024-27155 Local Privilege Escalation and Remote Code Execution using insecure permissions
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.7CVSS
0.0004EPSS
CVE-2024-27155 Local Privilege Escalation and Remote Code Execution using insecure permissions
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.7CVSS
6.9AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.4CVSS
7.4AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
7.4AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
7.4AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
7.4AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
0.0004EPSS
The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference...
6.7CVSS
6.6AI Score
0.0004EPSS
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...
7.4CVSS
7.4AI Score
0.0004EPSS