CVSS: 9.1EPSS: 0%CPEs: 158EXPL: 0CVE-2022-43969
https://notcve.org/view.php?id=CVE-2022-43969
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials. • https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002 https://www.ricoh.com/software/dev_soft_manager •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17314 – RICOH MP 305+ Printer Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-17314
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. En la impresora RICOH Aficio MP 305+, se han descubierto vulnerabilidades de inyección HTML y Cross-Site Scripting (XSS) persistente en el área de adición de direcciones mediante el parámetro entryNameIn en /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH MP 305+ printer suffers from cross site scripting and html injection vulnerabilities. • http://packetstormsecurity.com/files/149501/RICOH-MP-305-Printer-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •