Olivetti

D-color Mf3555 Firmware

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2022-25342

Exploit
  • EPSS 0.16%
  • Veröffentlicht 20.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:52:02

An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Broken Access Control. It does not properly validate requests for access to data and functionality under the /mngset/authset path. By not ...

7.8

CVE-2022-25343

Exploit
  • EPSS 1.5%
  • Veröffentlicht 20.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:52:02

An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Denial of Service. An unauthenticated attacker, who can send POST requests to the /download/set.cgi page by manipulating the failhtmfile v...

6.1

CVE-2022-25344

Exploit
  • EPSS 0.53%
  • Veröffentlicht 20.04.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:52:02

An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application doesn't properly check parameters, sent in a /dvcset/sysset/set.cgi POST request via the arg01.Hostname field, before saving them on the server. In a...