CVE-2025-35970

On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the...

PT-2025-31797 · Fujifilm · Fujifilm Business Innovation Mfps

Name of the Vulnerable Software and Affected Versions: FUJIFILM Business Innovation MFPs affected versions not specified Description: An out-of-bounds write issue exists in FUJIFILM Business Innovation MFPs. Sending a specially crafted Internet Printing Protocol IPP or Line Printer Daemon LPD...

CVE-2024-51984 Authenticated disclosure of external service passwords via pass-back attack affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...

CVE-2024-51984

CVE-2024-51984 describes an authentication-based credential disclosure risk affecting multiple Brother-branded devices and peers (Konica Minolta, FUJIFILM, Ricoh, Toshiba Tec) via pass-back to external services. An authenticated attacker can reconfigure a target device to use an attacker-controll...

CVE-2024-51982 Unauthenticated Denial of Service (DoS) via malformed PJL request affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, and Ricoh.

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

CVE-2024-51982

CVE-2024-51982: Unauthenticated attacker on TCP port 9100 can send Printer Job Language (PJL) commands to crash the target device (then reboot) and can repeat the crash. Root cause cited: malformed FORMLINES (non-numeric value). Affected models span Brother devices and additional vendors in the c...

CVE-2024-51980 Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker may perform a limited server side request forgery SSRF, forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service HTTP TCP port 80 SOAP request. The...

CVE-2024-51980

CVE-2024-51980 is an unauthenticated SSRF that, via WS-Addressing ReplyTo in a SOAP web service on HTTP (port 80), forces affected devices to open a TCP connection to an arbitrary IP/port. The vulnerability is reported across multiple Brother Konica Minolta, FUJIFILM, Ricoh, and Toshiba devices (...

Fujifilm DocuPrint多款产品 缓冲区错误漏洞

Fujifilm DocuPrint and Fujifilm DocuPrint CP225w are both products of Fujifilm Corporation, Japan.Fujifilm DocuPrint is a series of duplex multifunction copiers.Fujifilm DocuPrint CP225w is a printer. A buffer error vulnerability exists in various Fujifilm DocuPrint products, which stems from an...

Fuji Xerox / Fujifilm Printers Multiple Vulnerabilities (Mar 2024)

Multiple Fuji Xerox / Fujifilm printers are prone to multiple vulnerabilities in the Web Based Management. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Fuji Xerox / Fujifilm Printers CSRF Vulnerability (Mar 2024)

Multiple Fuji Xerox / Fujifilm printers are prone to cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

JVN#34328023: FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery

Multiple printers provided by FUJIFILM Business Innovation Corp. contain a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logging in, the user information may be altered. In the case the user is an administrator, the settings such as the...

Design/Logic Flaw

Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...

CVE-2023-46327

CVE-2023-46327 affects FUJIFILM Business Innovation Corp. and Xerox multifunction printers that export Address Book data with encrypted form but weak encryption. The connected sources confirm the root issue is insufficient encryption strength, enabling an attacker with knowledge of the encryption...

CVE-2023-46327

Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...

CVE-2023-46327

Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...

PT-2023-29962 · Xerox · Mfps

Name of the Vulnerable Software and Affected Versions: MFPs multifunction printers from FUJIFILM Business Innovation Corp. and Xerox Corporation affected versions not specified Description: The multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation have a...

FujiFilm printer credentials encryption issue fixed

TL;DR Many multi-function printers made by FujiFilm Business Innovation Corporation Fujifilm which includes Apeos, ApeosPro, PrimeLink and RevoriaPress brands as well as Xerox Corporation Xerox which includes VersaLink, PrimeLink, and WorkCentre brands, allow administrators to store credentials o...

Fuji Xerox/Fujifilm Printers DoS Vulnerability (Jul 2023)

Multiple Fuji Xerox / Fujifilm printers are prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Fuji Xerox / Fujifilm Printer Detection (SNMP)

SNMP based detection of Fuji Xerox / Fujifilm printer devices. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...