3 matches found
CVE-2022-41807
CVE-2022-41807 describes a missing authorization vulnerability in Kyocera Document Solutions MFPs and printers, allowing a network-adjacent attacker to alter product settings without authentication by sending a crafted request. The affected products span multiple Kyocera lines, including TASKalfa...
CVE-2022-41798
The CVE-2022-41798 issue affects Kyocera Document Solutions MFPs and printers, where session information is easily guessable. This could allow a network-adjacent attacker to log in by spoofing a user with guessed session data. Affected models span multiple product lines, including TASKalfa and EC...
CVE-2022-41830
CVE-2022-41830 describes a stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers. A remote authenticated attacker with administrative privileges can inject arbitrary script via the web interface. Affected products include TASKalfa and ECOSYS series (e.g., TASKa...