CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13204
https://notcve.org/view.php?id=CVE-2019-13204
13 Mar 2020 — Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by multiple buffer overflow vulnerabilities in the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS), and potentially execute arbitrary code on the device. Algunas impresoras Kyocera (tal y como la ECOSYS M5526cdw versión 2R7_2000.001.701), fueron afectadas por múltiples vulnerabilidades de desbordamiento de búfer en el servicio IPP. Esto permitiría a un atacante no autenticado causa... • https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13205
https://notcve.org/view.php?id=CVE-2019-13205
13 Mar 2020 — All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when authenticated, and the pages that loaded this information were also protected. However, all files that contained the configuration parameters were accessible. These files contained sensitive information, such as users, community strings, and other passwords configured in the printer. Todos los parámetros de con... • https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13206
https://notcve.org/view.php?id=CVE-2019-13206
13 Mar 2020 — Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. Algunas impresoras Kyocera (tal y como la ECOSYS M5526cdw versión 2R7_2000.001.701), fueron afectadas por una vulnerabilidad de desbordamiento de búfer en m... • https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-6452
https://notcve.org/view.php?id=CVE-2019-6452
06 Jun 2019 — Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci permiten que atacantes remotos puedan abusar del botón de prueba en la libreta de direcciones de la máquina para obtener una contraseña FTP o SMB de texto simple. • http://www.nccst.nat.gov.tw • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-16656
https://notcve.org/view.php?id=CVE-2018-16656
14 May 2019 — DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. En DoBox_CstmBox_Info.model.htm en los dispositivos Kyocera TASKalfa versión 4002i y versión 6002i, permite a los atacantes remotos leer los documentos de usuarios arbitrarios por medio de una petición HTTP modificada. • https://mars-cheng.github.io/blog/2019/CVE-2018-16656 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2012-5174
https://notcve.org/view.php?id=CVE-2012-5174
30 Nov 2012 — The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR devices allow remote attackers to cause a denial of service (persistent reboot) via an e-mail message in an invalid format. Los dispositivos KYOCERA AH-K3001V , AH-K3002V, WX300K, WX310K, WX320K y WX320KR permiten a atacantes remotos provocar una denegación de servicio (reinicio persistente) a través de un mensaje de correo electrónico con un formato no válido. • http://jvn.jp/en/jp/JVN83907168/361447/index.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2008-4040
https://notcve.org/view.php?id=CVE-2008-4040
11 Sep 2008 — Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. Vulnerabilidad de salto de directorio en Kyocera Command Center en Kyocera FS-118MFP que permite a los atacantes remotos leer archivos arbitrarios a través de .. (punto punto) en la URI. • http://packetstorm.linuxsecurity.com/0808-exploits/kyocera-traversal.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0789
https://notcve.org/view.php?id=CVE-2006-0789
19 Feb 2006 — Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session. • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0344.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0788
https://notcve.org/view.php?id=CVE-2006-0788
19 Feb 2006 — Kyocera 3830 (aka FS-3830N) printers have a back door that allows remote attackers to read and alter configuration settings via strings that begin with "!R!SIOP0", as demonstrated using (1) a connection to to TCP port 9100 or (2) the UNIX lp command. • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0344.html •