184 matches found
CVE-2026-41226
Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack...
Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Overview Web Image Monitor provided by Ricoh Company, Ltd. is a web server that is included in and runs on laser printers and MFPs multifunction printers. Web Image Monitor contains the vulnerability listed below. Open redirect CWE-601 - CVE-2026-41226 Tony Kirkland of Sixgen Inc reported this...
CVE-2026-41226
Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack...
CVE-2026-1789
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers...
SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-45829)
Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...
SHARP MFPs Authentication Bypass (CVE-2024-47406)
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
EUVD-2025-206537
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
CVE-2025-55704
CVE-2025-55704 describes a hidden functionality issue in multiple Brother MFPs that may allow an attacker to obtain logs from the affected product and access sensitive information contained in those logs. The issue is surfaced across multiple feeds (NVD, Red Hat, JVN, CIRCL, CVE list, EUVD, etc.)...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
PT-2026-5246
Hidden functionality issue exists in multiple MFPs provided by Brother Industries, Ltd., which may allow an attacker to obtain the logs of the affected product and obtain sensitive information within the logs...
PT-2026-5245
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
PT-2026-3191
Name of the Vulnerable Software and Affected Versions Satera LBP670C Series/Satera MF750C Series versions v06.02 and earlier Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i...
CVE-2019-18629
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a...
Konica Bizhub Multifunction Printers Improper Handling of Exceptional Conditions (CVE-2021-20870)
When scan transmission is interrupted by a network error, a physically accessible attacker could steal the scanned image data by removing the HDD before the scan job times out. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504857; scriptversion"1.2";...
Konica Bizhub Multifunction Printers Insufficiently Protected Credentials (CVE-2025-6081)
An authenticated attacker can disclose the password of a configured external service. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504862; scriptversion"1.2"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/02/20"; scriptcveid"CVE-2025-6081";...