CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13205
https://notcve.org/view.php?id=CVE-2019-13205
13 Mar 2020 — All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when authenticated, and the pages that loaded this information were also protected. However, all files that contained the configuration parameters were accessible. These files contained sensitive information, such as users, community strings, and other passwords configured in the printer. Todos los parámetros de con... • https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13206
https://notcve.org/view.php?id=CVE-2019-13206
13 Mar 2020 — Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. Algunas impresoras Kyocera (tal y como la ECOSYS M5526cdw versión 2R7_2000.001.701), fueron afectadas por una vulnerabilidad de desbordamiento de búfer en m... • https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •