22 matches found
CVE-2023-34259
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...
CVE-2023-34261
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
CVE-2023-34261
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...
CVE-2023-34259
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
CVE-2023-34261
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...
CVE-2023-34259
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...
Code injection
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...
Directory traversal
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
CVE-2023-34261
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers (firmware 2VG_S000.002.561 and earlier) are affected by a path traversal/DoS vulnerability (CVE-2023-34260) in the Kyocera Command Center RX context, enabling read attempts of /etc via the endpoint path wlmdeu/../../.. followed by a /etc reference. The issue is co...
CVE-2023-34259
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...
CVE-2023-34259
Kyocera TASKalfa 4053ci printers (versions up to 2VG_S000.002.561) are affected by CVE-2023-34259 due to a path traversal vulnerability that reads arbitrary filesystem files, including root‑level data. The issue stems from an incomplete fix for CVE-2020-23575 and manifests in a vulnerable endpoin...
CVE-2023-34259
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
CVE-2023-34261
Kyocera TASKalfa 4053ci printers with firmware 2VG_S000.002.561 or earlier are affected by CVE-2023-34261 via an observable response discrepancy that lets an attacker identify valid user accounts through username enumeration (printing a "nicht einloggen" error instead of a "falsch" error). Ex...
CVE-2023-34260
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory...
PT-2023-24784 · Kyocera · Kyocera Taskalfa 4053Ci
Name of the Vulnerable Software and Affected Versions: Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561. Description: The issue allows identification of valid user accounts via username enumeration. This occurs because the system returns a "nicht einloggen" error rather than a "falsch"...