Lucene search
K

34 matches found

CVE
CVE
added 2023/11/03 12:0 a.m.67 views

CVE-2023-34260

Kyocera TASKalfa 4053ci printers (firmware 2VG_S000.002.561 and earlier) are affected by a path traversal/DoS vulnerability (CVE-2023-34260) in the Kyocera Command Center RX context, enabling read attempts of /etc via the endpoint path wlmdeu/../../.. followed by a /etc reference. The issue is co...

7.5CVSS7.3AI score0.67994EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/03 12:0 a.m.21 views

CVE-2023-34261

Kyocera TASKalfa 4053ci printers through 2VGS000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error...

7.1AI score0.06749EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/11/03 12:0 a.m.31 views

CVE-2023-34259

Kyocera TASKalfa 4053ci printers through 2VGS000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575...

5.3AI score0.57683EPSS
Exploits2References2
CVE
CVE
added 2023/11/03 12:0 a.m.145 views

CVE-2023-34259

Kyocera TASKalfa 4053ci printers (versions up to 2VG_S000.002.561) are affected by CVE-2023-34259 due to a path traversal vulnerability that reads arbitrary filesystem files, including root‑level data. The issue stems from an incomplete fix for CVE-2020-23575 and manifests in a vulnerable endpoin...

4.9CVSS6.3AI score0.57683EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.2 views

PT-2023-24783 · Kyocera · Kyocera Taskalfa 4053Ci

Name of the Vulnerable Software and Affected Versions: Kyocera TASKalfa 4053ci printers versions 2VG S000.002.561 and earlier Description: The issue allows a denial of service service outage via the "/wlmdeu%2f%2e%2e%2f%2e%2e" endpoint followed by a directory reference such as "%2fetc%00index.htm...

7.5CVSS7.4AI score0.67994EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.3 views

PT-2023-24781

Name of the Vulnerable Software and Affected Versions Kyocera TASKalfa 4053ci printers versions 2VG S000.002.561 and earlier Description The issue allows directory traversal to read arbitrary files on the filesystem, even files that require root privileges, via the /wlmdeu%2f%2e%2e%2f%2e%2e...

4.9CVSS6.8AI score0.57683EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2023/11/02 12:0 a.m.6 views

PT-2023-24784 · Kyocera · Kyocera Taskalfa 4053Ci

Name of the Vulnerable Software and Affected Versions: Kyocera TASKalfa 4053ci printers through 2VG S000.002.561 Description: The issue allows identification of valid user accounts via username enumeration. This occurs because the system returns a "nicht einloggen" error rather than a "falsch"...

5.3CVSS6.6AI score0.06749EPSS
Exploits2References7
NVD
NVD
added 2022/12/05 4:15 a.m.28 views

CVE-2022-41830

Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa 5550ci/4550ci/3550ci/3050ci,...

4.8CVSS0.00823EPSS
Exploits0References3
NVD
NVD
added 2022/12/05 4:15 a.m.20 views

CVE-2022-41798

Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows: TASKalfa 7550ci/6550ci,...

6.5CVSS0.00588EPSS
Exploits0References3
Prion
Prion
added 2022/12/05 4:15 a.m.20 views

Code injection

Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows: TASKalfa 7550ci/6550ci,...

3.3CVSS6.2AI score0.00588EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/12/05 12:0 a.m.28 views

CVE-2022-41807

Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci,...

6.7AI score0.00491EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/24 12:0 a.m.11 views

Unauthorized Access Vulnerability in Kyocera Corporation's TASKalfa 2552ci

TASKalfa 2552ci is a printer from Kyocera Corporation. An unauthorized access vulnerability exists in the Kyocera Corporation TASKalfa 2552ci, which can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
Prion
Prion
added 2019/05/14 8:29 p.m.10 views

Design/Logic Flaw

DoBoxCstmBoxInfo.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request...

5CVSS7.5AI score0.0217EPSS
Exploits1References1
CVE
CVE
added 2019/05/14 7:58 p.m.46 views

CVE-2018-16656

CVE-2018-16656 affects Kyocera TASKalfa 4002i and 6002i devices, where the DoBox_CstmBox_Info.model.htm component can be manipulated via HTTP to read other users’ documents. The available connected data identify the affected models and the root cause as improper handling of a modified HTTP reques...

7.5CVSS7.5AI score0.0217EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder