Filtered by vendor Kyocera
Total: 28 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-13205 | 1 Kyocera | 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when authenticated, and the pages that loaded this information were also protected. However, all files that contained the configuration parameters were accessible. These files contained sensitive information, such as users, community strings, and other passwords configured in the printer. | |||||
CVE-2019-13198 | 1 Kyocera | 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions. | |||||
CVE-2019-13201 | 1 Kyocera | 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the LPD service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) in the LPD service and potentially execute arbitrary code on the device. | |||||
CVE-2019-6452 | 1 Kyocera | 3 Command Center Rx, Taskalfa 4501i, Taskalfa 5052ci | 2023-12-10 | 4.0 MEDIUM | 8.8 HIGH |
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. | |||||
CVE-2018-16656 | 1 Kyocera | 4 Taskalfa 4002i, Taskalfa 4002i Firmware, Taskalfa 6002i and 1 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. | |||||
CVE-2012-5174 | 1 Kyocera | 6 Ah-k3001v, Ah-k3002v, Xw300k and 3 more | 2023-12-10 | 7.8 HIGH | N/A |
The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR devices allow remote attackers to cause a denial of service (persistent reboot) via an e-mail message in an invalid format. | |||||
CVE-2006-0788 | 1 Kyocera | 1 Fs-3830n | 2023-12-10 | 5.0 MEDIUM | N/A |
Kyocera 3830 (aka FS-3830N) printers have a back door that allows remote attackers to read and alter configuration settings via strings that begin with "!R!SIOP0", as demonstrated using (1) a connection to TCP port 9100 or (2) the UNIX lp command. | |||||
CVE-2006-0789 | 1 Kyocera | 1 Fs-3830n | 2023-12-10 | 10.0 HIGH | N/A |
Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session. |