CVE-2024-36251

EPSS 0.29%
Veröffentlicht 26.11.2024 08:15:06
Zuletzt bearbeitet 26.11.2024 08:15:06
Quelle vultures@jpcert.or.jp
Teams Watchlist Login
Unerledigt Login

The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedef_sub_sel.html is not processed properly and device-crash happens. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)

Herstellersharp

≫

Produkt mx-m905

Default Statusunknown

Version 611

Status affected

Herstellersharp

≫

Produkt mx-m6070

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m5070

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m4070

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m3570

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m3070

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m6050

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m5050

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m4050

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m3550

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m3050

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m2630

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt mx-m6070

Default Statusunknown

Version 502

Status affected

Herstellersharp

≫

Produkt bp-b550wd

Default Statusunknown

Version 250

Status affected

Herstellersharp

≫

Produkt bp-b540wr

Default Statusunknown

Version 250

Status affected

Herstellersharp

≫

Produkt bp-b547wd

Default Statusunknown

Version 250

Status affected

Herstellersharp

≫

Produkt bp-b537wr

Default Statusunknown

Version 250

Status affected

Herstellersharp

≫

Produkt mx-b455w

Default Statusunknown

Version 404

Status affected

Herstellersharp

≫

Produkt mx-b355w

Default Statusunknown

Version 404

Status affected

Herstellersharp

≫

Produkt mx-b455wz

Default Statusunknown

Version 404

Status affected

Herstellersharp

≫

Produkt mx-b355wz

Default Statusunknown

Version 404

Status affected

Herstellersharp

≫

Produkt mx-b455wt

Default Statusunknown

Version 404

Status affected

Herstellersharp

≫

Produkt mx-b355wt

Default Statusunknown

Version 404

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.522

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
vultures@jpcert.or.jp	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://global.sharp/products/copier/info/info_security_2024-05.html

https://jp.sharp/business/print/information/info_security_2024-05.html

https://jvn.jp/en/vu/JVNVU93051062/

https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html

https://www.toshibatec.co.jp/information/20240531_02.html

https://www.toshibatec.com/information/20240531_02.html

https://nvd.nist.gov/vuln/detail/CVE-2024-36251

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-36251

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-36251

EUVD