CVE-2024-27148 Local Privilege Escalation and Remote Code Execution using insecure PATH

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL...

CVE-2024-27143 Pre-authenticated Remote Code Execution

Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba, Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from programs running under root privileges that, if hijacked by some means, could execute arbitrary code on the multifunction device...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from the use of a vulnerable code set in some of the internal program code of the multifunction device, where information could be stolen ...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba, Japan. A security vulnerability exists in Toshiba e-STUDIO, which originates from programs running under root privileges that, if hijacked by some means, could execute arbitrary code on the multifunction device...

PT-2024-21709 · Unknown · Remote Command

Name of the Vulnerable Software and Affected Versions: Remote Command program affected versions not specified Description: The issue allows an attacker to read any file on the printer using a Local File Inclusion vulnerability. This enables unauthorized access to sensitive information stored on t...

PT-2024-21673 · Toshiba · Toshiba Printers

Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a time-based blind XML External Entity XXE vulnerability in the XML parsing library used by the API endpoint of Toshiba printers. This vulnerability can be...

Hp LaserJet Pro Printer 跨站脚本漏洞

The HP Hp LaserJet Pro Printer is a laser printer from Hewlett-Packard HP. A cross-site scripting vulnerability exists in the Hp LaserJet Pro Printer that originates from the device web management interface being susceptible to cross-site scripting attacks...

Hp LaserJet Pro Printer 安全漏洞

The HP Hp LaserJet Pro Printer is a laser printer from Hewlett-Packard HP in the United States. A security vulnerability exists in the Hp LaserJet Pro Printer that originates from a user with device administrative privileges being able to change the existing SMTP server settings on the device...

Certain HP LaserJet Pro Printers – Potential Information Disclosure

A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. Update your printer...

Certain HP LaserJet Pro – Potential Cross-Site Scripting (XSS)

Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting XSS attack via the web management interface of the device. Update your printer firmware...

Updated tcpdump packages fix security vulnerability

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. CVE-2024-2397...

PaperCut NG和PaperCut MF 后置链接漏洞

PaperCut MF and PaperCut NG are both products of PaperCut Australia.PaperCut MF is a multifunctional printer control software.PaperCut NG is a next-generation printer control software. PaperCut NG and PaperCut MF have a backlink vulnerability that originates from allowing the deletion of arbitrar...

Fedora 39 : tcpdump (2024-272860364f)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-272860364f advisory. Fix for CVE-2024-2397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d Authentication Bypass Using an Alternate Path or Channel (CVE-2023-4957)

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...

PaperCut NG 安全漏洞

PaperCut NG is a suite of next-generation printer control software from PaperCut Australia. A security vulnerability exists in PaperCut NG that stems from a code injection vulnerability in the External User Lookup feature...

Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPP server, which listens on TCP port 631 by default. The issue...

SUSE CVE-2024-2397

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

CVE-2024-2397

A flaw was found in tcpdump. Trying to print content from a maliciously crafted .pcap file may lead to an infinite loop, resulting in a denial of service. This issue is considered low severity; for a successful attack to happen, a user must open a crafted file, and it will only crash a single...

CVE-2024-2397

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...