Sharp

Mx-4061 Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2024-47005

  • EPSS 0.2%
  • Veröffentlicht 25.10.2024 07:15:04
  • Zuletzt bearbeitet 05.11.2024 19:36:41

Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs.

9.8

CVE-2024-47406

  • EPSS 0.36%
  • Veröffentlicht 25.10.2024 07:15:04
  • Zuletzt bearbeitet 05.11.2024 19:36:13

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.

6.1

CVE-2024-47549

  • EPSS 0.15%
  • Veröffentlicht 25.10.2024 07:15:04
  • Zuletzt bearbeitet 05.11.2024 19:40:52

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script execut...

6.1

CVE-2024-47801

  • EPSS 0.27%
  • Veröffentlicht 25.10.2024 07:15:04
  • Zuletzt bearbeitet 05.11.2024 19:34:53

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web ...

4.8

CVE-2024-48870

  • EPSS 0.25%
  • Veröffentlicht 25.10.2024 07:15:04
  • Zuletzt bearbeitet 05.11.2024 19:34:38

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers ...

7.5

CVE-2024-42420

  • EPSS 0.79%
  • Veröffentlicht 25.10.2024 07:15:03
  • Zuletzt bearbeitet 05.11.2024 19:39:31

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed.

7.5

CVE-2024-43424

  • EPSS 0.79%
  • Veröffentlicht 25.10.2024 07:15:03
  • Zuletzt bearbeitet 05.11.2024 19:39:33

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

7.5

CVE-2024-45829

  • EPSS 0.39%
  • Veröffentlicht 25.10.2024 07:15:03
  • Zuletzt bearbeitet 05.11.2024 19:38:57

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

5.3

CVE-2024-45842

  • EPSS 0.64%
  • Veröffentlicht 25.10.2024 07:15:03
  • Zuletzt bearbeitet 05.11.2024 19:37:13

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests.

7.2

CVE-2022-45796

  • EPSS 2.05%
  • Veröffentlicht 16.12.2022 16:15:25
  • Zuletzt bearbeitet 21.11.2024 07:29:44

Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, an...