CVSS: 9.1EPSS: 0%CPEs: 158EXPL: 0CVE-2022-43969
https://notcve.org/view.php?id=CVE-2022-43969
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials. • https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2022-000002 https://www.ricoh.com/software/dev_soft_manager •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2018-15884 – RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)
https://notcve.org/view.php?id=CVE-2018-15884
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. Los dispositivos RICOH MP C4504ex permiten la inyección HTML mediante el parámetro entryNameIn en /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH MP C4504ex printer suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/45264 http://packetstormsecurity.com/files/149082/RICOH-MP-C4504ex-Cross-Site-Request-Forgery.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •