EUVD-2023-55647

Malicious code in bioql PyPI...

The vulnerability of the software for centralized control of printing devices, Kyocera Device Manager, arises from incorrect restrictions on the path to the restricted access catalog. This allows attackers to bypass the authentication process.

The vulnerability of the Kyocera Device Manager software for centralized control of printing devices is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...

CVE-2023-50916

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...

Path traversal

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...

Kyocera Device Manager Path Traversal Vulnerability

Kyocera Device Manager is a server-based solution from Kyocera, Japan. A path traversal vulnerability exists in Kyocera Device Manager versions prior to 3.1.1213.0, which originates from an attacker being able to change a local path to a UNC path. Upon receipt of a UNC path, Kyocera Device Manage...

CVE-2023-50916

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...

CVE-2023-50916

Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...

PT-2023-8650 · Kyocera · Kyocera Device Manager

Name of the Vulnerable Software and Affected Versions: Kyocera Device Manager versions prior to 3.1.1213.0 Description: The issue is related to incorrect restriction of a directory path with limited access. Exploitation may allow a remote attacker to bypass the authentication process. The...

Kyocera d-COLOR MF3555 跨站脚本漏洞

Kyocera d-COLOR MF3555 is a color multifunction printer from Kyocera Japan.A cross-site scripting vulnerability exists in the Kyocera d-COLOR MF3555 2XDS000.002.271 device, which stems from a web application not properly checking parameters before saving them to the server, and can be exploited b...