Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2025/12/25 8:18 p.m.13 views

CVE-2019-25254

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

5.3CVSS6.8AI score0.00266EPSS
Exploits2References1
OSV
OSV
added 2025/12/24 8:15 p.m.4 views

CVE-2019-25254

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

8.8CVSS5.7AI score0.00266EPSS
Exploits2References3
NVD
NVD
added 2025/12/24 8:15 p.m.7 views

CVE-2019-25254

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

8.8CVSS0.00266EPSS
Exploits2References3
NVD
NVD
added 2025/12/24 8:15 p.m.5 views

CVE-2019-25253

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

7.5CVSS0.00754EPSS
Exploits2References3
OSV
OSV
added 2025/12/24 8:15 p.m.4 views

CVE-2019-25253

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

7.1CVSS5.9AI score
Exploits0References3
Cvelist
Cvelist
added 2025/12/24 7:28 p.m.26 views

CVE-2019-25254 KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

8.8CVSS0.00266EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:28 p.m.3 views

CVE-2019-25254 KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration

KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when...

8.8CVSS6.4AI score0.00266EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:28 p.m.6 views

CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

7.5CVSS7AI score0.00754EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/12/24 7:28 p.m.30 views

CVE-2019-25253 KYOCERA Net Admin 3.4.0906 Unauthenticated XML External Entity Injection

KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuratio...

7.5CVSS0.00754EPSS
Exploits2References3
CVE
CVE
added 2025/12/24 7:28 p.m.17 views

CVE-2019-25253

KYOCERA Net Admin 3.4.0906 is affected by an XML External Entity (XXE) injection in the Multi-Set Template Editor. The vulnerability allows unauthenticated attackers to read arbitrary system files by crafting an XML with external entity references, potentially exposing sensitive data such as data...

7.5CVSS7AI score0.00754EPSS
Exploits2References3Affected Software1
CVE
CVE
added 2025/12/24 7:28 p.m.14 views

CVE-2019-25254

KYOCERA Net Admin 3.4.0906 is affected by a cross-site request forgery (CSRF) that allows an attacker to create administrative users without proper request validation. Public sources (Red Hat, CVE lists, PT-Security) describe that malicious pages can automatically submit requests when a logged-in...

8.8CVSS6.4AI score0.00266EPSS
Exploits2References3Affected Software1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.4 views

KYOCERA Net Admin 安全漏洞

KYOCERA Net Admin is an enterprise-level device management platform from KYOCERA, Inc. A security vulnerability exists in KYOCERA Net Admin version 3.4.0906 that stems from a lack of proper request validation and could lead to a cross-site request forgery attack...

8.8CVSS6.6AI score0.00266EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

KYOCERA Net Admin 安全漏洞

KYOCERA Net Admin is an enterprise-level device management platform from KYOCERA, Inc. A security vulnerability exists in KYOCERA Net Admin version 3.4.0906, which stems from the mishandling of XML files by the Multi-Set Template Editor, which could lead to an XML external entity injection attack...

7.5CVSS7.1AI score0.00754EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.9 views

PT-2025-53339

Name of the Vulnerable Software and Affected Versions KYOCERA Net Admin version 3.4.0906 Description KYOCERA Net Admin 3.4.0906 contains an XML External Entity XXE injection issue in the Multi-Set Template Editor. This allows unauthenticated attackers to read arbitrary system files. Attackers can...

7.5CVSS7AI score0.00754EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-53340

Name of the Vulnerable Software and Affected Versions KYOCERA Net Admin version 3.4.0906 Description The software contains a cross-site request forgery condition that permits attackers to create administrative users without sufficient request validation. An attacker can construct malicious web...

5.3CVSS6.4AI score0.00266EPSS
Exploits2References5
seebug.org
seebug.org
added 2018/06/29 12:0 a.m.39 views

KYOCERA Net Admin 3.4 Multiple XSS Vulnerabilities

Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/04/09 12:0 a.m.49 views

KYOCERA Net Admin 3.4 Cross Site Request Forgery

KYOCERA Net Admin 3.4 CSRF Add Admin Exploit input type="hidden" name="addUserForm:lo...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2018/04/09 12:0 a.m.31 views

KYOCERA Net Admin 3.4 - Cross-Site Request Forgery (Add Admin)

KYOCERA Net Admin 3.4 - Cross-Site Request Forgery Add Admin Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and...

0.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2018/04/07 12:0 a.m.538 views

KYOCERA Net Admin 3.4 Multiple XSS Vulnerabilities

Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2018/04/07 12:0 a.m.771 views

KYOCERA Net Admin 3.4 CSRF Add Admin Exploit

Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...

8.8CVSS5.7AI score0.00266EPSS
Exploits2
Rows per page
Query Builder