82 matches found
CVE-2021-34870
The CVE-2021-34870 vulnerability affects NETGEAR XR1000 routers (version 1.0.0.52_1.0.38). A flaw in SOAP message processing allows network-adjacent attackers to access privileged requests without authentication, leading to disclosure of stored credentials and potential further compromise. Public...
CVE-2021-20869
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
CVE-2021-20871
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
CVE-2021-20869
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
CVE-2021-20868
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...
CVE-2021-20871
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
Design/Logic Flaw
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
Authorization
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...
Code injection
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
CVE-2021-20871
Exposure of sensitive information to an unauthorized actor vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-3...
CVE-2021-20871
CVE-2021-20871 affects KONICA MINOLTA bizhub MFPs and printing systems (listed models). An adjacent-network attacker can obtain credentials stored in the address book when a destination with registered credentials is referenced via a specific SOAP message. This is a credential exposure/informatio...
CVE-2021-20869
KONICA MINOLTA bizhub MFPs are affected by CVE-2021-20869. When external LDAP authentication is enabled, an adjacent-network attacker can obtain some user credentials by sending specific SOAP messages to the device. The vulnerability is tied to how LDAP-based authentication information is process...
CVE-2021-20868
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series bizhub C750i G00-35 and earlier, bizhub C650i/C550i/C450i G00-B6 and earlier, bizhub C360i/C300i/C250i G00-B6 and earlier, bizhub 750i/650i/550i/450i G00-37 and earlier, bizhub 360i/300i G00-33 and earlier, bizhub...
CVE-2021-20868
CVE-2021-20868 is an Incorrect Authorization vulnerability in KONICA MINOLTA bizhub MFPs. Multiple model lines expose the risk: if external server authentication is enabled, a remote attacker on an adjacent network can obtain user credentials by sending a crafted SOAP message, potentially with ad...
Multiple vulnerabilities in KONICA MINOLTA MFPs and printing systems
Overview Multi-function printers MFP and printing systems provided by KONICA MINOLTA, INC. contain multiple vulnerabilities listed below. Incorrect authorization CWE-863 - CVE-2021-20868 Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2021-20869 Improper handling of...
CXF: Large invalid content could cause temporary space to fill
It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...
CXF: Large invalid content could cause temporary space to fill
It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...
CXF: Large invalid content could cause temporary space to fill
It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...
CXF: Large invalid content could cause temporary space to fill
It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...
CXF: Large invalid content could cause temporary space to fill
It was found that when a large invalid SOAP message was processed by Apache CXF, it could be saved to a temporary file in the /tmp directory. A remote attacker could send a specially crafted SOAP message that, when processed by an application using Apache CXF, would use an excessive amount of dis...