186 matches found
CVE-2024-12649
Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier...
CVE-2024-12649
Canon Small Office/MFD and Laser Printers are affected by CVE-2024-12649 due to a buffer overflow in XPS data font processing. Canon models listed (Satera MF656Cdw, MF654Cdw, MF653Cdw, MF652Cdw; Color imageCLASS MF656Cdw, MF654Cdw, MF653Cdw, MF652Cdw; LBP633Cdw/LBP632Cdw; i-SENSYS MF657Cdw/MF655C...
CVE-2024-12647
CVE-2024-12647 affects Canon Office/Small Office/MFP and Laser Printers, with a Buffer Overflow in CPCA font download processing that may allow an attacker on the network to cause the device to become unresponsive or execute arbitrary code. Affected product families include Satera MF656Cdw/MF654C...
CVE-2024-36249
CVE-2024-36249 affects Sharp Corporation and Toshiba Tech Corporation multifunction printers (MFPs). The issue is Cross-site Scripting (CWE-79) on the administrative web interface, potentially allowing an arbitrary script to be executed in the admin context. Affected components are the MFP firmwa...
PT-2024-26934 · Sharp +1 · Sharp Mfps +1
Name of the Vulnerable Software and Affected Versions: Sharp Corporation and Toshiba Tec Corporation multiple MFPs multifunction printers affected versions not specified Description: An out-of-bounds read issue exists, which may lead to a denial-of-service DoS condition. Recommendations: At the...
Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Overview Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs multifunction printers. Web Image Monitor contains a stack-based buffer overflow vulnerability CWE-121 due to inappropriate parsing process of HTTP request. Zhihong Tian, Hui L...
CVE-2024-47005
Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs...
CVE-2024-47549
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser...
CVE-2024-45829
Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed...
PT-2024-29936 · Sharp +1 · Sharp Mfps +1
Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs affected versions not specified Description: The issue is related to multiple Out-of-bounds Read vulnerabilities due to improper processing of keyword search input and improper processing of SOAP messages. Crafted...
Sharp MFP 安全漏洞
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from incorrect handling of HTTP authentication requests, resulting in an authentication bypass vulnerability...
PT-2024-32620 · Sharp +1 · Sharp Mfps +1
Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs affected versions not specified Description: The issue is related to the improper processing of HTTP authentication requests by Sharp and Toshiba Tec MFPs, resulting in an authentication bypass. Recommendations: At...
Sharp MFP 安全漏洞
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from improper validation of input data, resulting in a stored cross-site scripting vulnerability...
PT-2024-32820 · Sharp +1 · Sharp Mfps +1
Name of the Vulnerable Software and Affected Versions: Sharp and Toshiba Tec MFPs affected versions not specified Description: The issue is related to the improper processing of query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL...
Ricoh MFPs and printers Security Vulnerability
Ricoh MFPs and printers is a line of printers from Ricoh Corporation Ricoh of Japan. A security vulnerability exists in Ricoh MFPs and printers, which stems from the presence of an out-of-bounds write vulnerability that could lead to a denial of service DoS condition and corruption of user data...
Sharp MFP Security Vulnerability
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from incorrect credential information to perform certain device functions, which could result in referencing internal information in the device...
PT-2024-22642 · Toshiba · Sharp/Toshiba Tec Mfps
Name of the Vulnerable Software and Affected Versions: Sharp/Toshiba Tec MFPs affected versions not specified Description: The issue allows any local user of the device to examine coredump files, which are stored with world-readable permission when the device crashes. This enables the user to...
Toshiba e-STUDIO Security Vulnerability
Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from improper privilege settings in some programs, which can be used to execute arbitrary code on the multifunction device by hijacking...
Toshiba e-STUDIO Security Vulnerability
Toshiba e-STUDIO is a line of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from the use of a Web-based management program TopAccess that can place any file in the multifunction device...
Sharp MFP Security Vulnerability
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from passwords being stored in a recoverable format, allowing a malicious user to utilize these passwords in a reuse attack...