20 matches found
CVE-2019-25254
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...
CVE-2019-25254
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...
CVE-2019-25254
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...
CVE-2019-25253
KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...
CVE-2019-25253
KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...
CVE-2019-25254 KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...
CVE-2019-25254 KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...
CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...
CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...
CVE-2019-25253
KYOCERA Net Admin 3.4.0906 is affected by an XML External Entity (XXE) injection in the Multi-Set Template Editor. The vulnerability allows unauthenticated attackers to read arbitrary system files by crafting an XML with external entity references, potentially exposing sensitive data such as data...
CVE-2019-25254
KYOCERA Net Admin 3.4.0906 is affected by a cross-site request forgery (CSRF) that allows an attacker to create administrative users without proper request validation. Public sources (Red Hat, CVE lists, PT-Security) describe that malicious pages can automatically submit requests when a logged-in...
KYOCERA Net Admin 安全漏洞
KYOCERA Net Admin is an enterprise-level device management platform from KYOCERA, Inc. A security vulnerability exists in KYOCERA Net Admin version 3.4.0906 that stems from a lack of proper request validation and could lead to a cross-site request forgery attack...
KYOCERA Net Admin 安全漏洞
KYOCERA Net Admin is an enterprise-level device management platform from KYOCERA, Inc. A security vulnerability exists in KYOCERA Net Admin version 3.4.0906, which stems from the mishandling of XML files by the Multi-Set Template Editor, which could lead to an XML external entity injection attack...
PT-2025-53339
Name of the Vulnerable Software and Affected Versions KYOCERA Net Admin version 3.4.0906 Description KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection issue in the Multi-Set Template Editor. This allows unauthenticated attackers to read arbitrary system files. Attackers can...
PT-2025-53340
Name of the Vulnerable Software and Affected Versions KYOCERA Net Admin version 3.4.0906 Description The software contains a cross-site request forgery condition that permits attackers to create administrative users without sufficient request validation. An attacker can construct malicious web...
KYOCERA Net Admin 3.4 Multiple XSS Vulnerabilities
Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...
KYOCERA Net Admin 3.4 Cross Site Request Forgery
KYOCERA Net Admin 3.4 CSRF Add Admin Exploit input type="hidden" name="addUserForm:lo...
KYOCERA Net Admin 3.4 - Cross-Site Request Forgery (Add Admin)
KYOCERA Net Admin 3.4 - Cross-Site Request Forgery Add Admin Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and...
KYOCERA Net Admin 3.4 Multiple XSS Vulnerabilities
Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...
KYOCERA Net Admin 3.4 CSRF Add Admin Exploit
Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...