Mx-3571 Firmware Security Vulnerabilities and Issues — Mx-3571 Firmware CVE List

SharpMx-3571 Firmware

10 matches found

CVE•added 2024/10/25 6:18 a.m.•83 views

CVE-2024-42420

CVE-2024-42420 affects Sharp and Toshiba Tec MFPs. It involves multiple out-of-bounds read vulnerabilities (CWE-125) caused by improper processing of keyword search input and SOAP messages. Exploitation could be triggered by crafted HTTP requests, potentially crashing affected devices. Remediatio...

7.5CVSS7.6AI score0.00729EPSS

CVE•added 2024/10/25 6:18 a.m.•79 views

CVE-2024-47005

CVE-2024-47005 affects Sharp and Toshiba Tec MFPs. The flaw is insufficient access restriction on certain configuration-related APIs, which are intended for administrative users only but may be invoked by non-administrative users. Impact described in connected sources includes the potential for n...

8.1CVSS8.2AI score0.00457EPSS

CVE•added 2022/12/16 12:0 a.m.•71 views

CVE-2022-45796

CVE-2022-45796 affects SHARP Digital Full-color Multifunctional System and related monochrome MFPs. The vulnerability is a command injection in the nw_interface.html component, enabling remote attackers with network access to execute arbitrary commands on affected devices. Affected versions inclu...

9.1CVSS8AI score0.03232EPSS

CVE•added 2024/10/25 6:18 a.m.•58 views

CVE-2024-45842

The CVE-2024-45842 issue affects Sharp and Toshiba Tec MFPs (multifunction printers). Root cause: improper processing of URI data in HTTP PUT requests, leading to a path traversal vulnerability. Impact: unintended internal files may be retrieved when processing crafted HTTP requests. Connected so...

5.3CVSS5.4AI score0.00541EPSS

CVE•added 2024/10/25 6:18 a.m.•56 views

CVE-2024-47801

CVE-2024-47801 affects Sharp and Toshiba Tec MFPs. The vulnerability is a reflected cross-site scripting flaw caused by improper processing of query parameters in HTTP requests, enabling script execution in the user's browser when a crafted URL is opened. Technical details confirm the issue locat...

7.4CVSS7.1AI score0.00338EPSS

CVE•added 2024/10/25 6:18 a.m.•53 views

CVE-2024-45829

CVE-2024-45829 affects Sharp and Toshiba Tec MFPs. The issue is an Out-of-bounds Read in the web page used to download data, caused by improper processing of query parameters in HTTP requests. Crafting such requests can crash affected devices. Documents do not provide exploit details or fixed ver...

7.5CVSS5.2AI score0.00685EPSS

CVE•added 2024/10/25 6:18 a.m.•53 views

CVE-2024-47549

CVE-2024-47549 affects Sharp and Toshiba Tec MFPs. The issue stems from improper processing of query parameters in HTTP requests, which can contaminate unintended data into HTTP response headers. Accessing a crafted URL targeting an affected product may cause malicious script execution in the web...

7.4CVSS7.3AI score0.00338EPSS

CVE•added 2024/10/25 6:18 a.m.•50 views

CVE-2024-48870

CVE-2024-48870 affects Sharp and Toshiba Tec MFPs. The issue is improper validation of input data in URI data registration, causing a stored cross-site scripting vulnerability if crafted input is stored by an administrative user; this can lead to malicious scripts executing in other users’ browse...

6.2CVSS6.2AI score0.00324EPSS

CVE•added 2024/10/25 6:18 a.m.•48 views

CVE-2024-43424

CVE-2024-43424 affects Sharp and Toshiba Tec MFPs. The vulnerability arises from improper processing of HTTP request headers, leading to an out-of-bounds read. This can cause crafted HTTP requests to crash affected products. Documents indicate remediation via firmware updates from the vendors, an...

7.5CVSS7.6AI score0.00729EPSS

CVE•added 2024/10/25 6:18 a.m.•46 views

CVE-2024-47406

CVE-2024-47406 affects Sharp and Toshiba Tec MFPs. The issue is described as an improper processing of HTTP authentication requests, leading to an authentication bypass (CWE-288). Connected sources (JVNDB-2024-011256, NVD entries, and CVE listings) confirm affected products are Sharp and Toshiba ...

9.8CVSS9.5AI score0.00599EPSS