CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3498 – Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-3498
14 Jun 2024 — Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. ... This vulnerability allows local attackers to execute arbitrary code on affected installations of Toshiba e-STUDIO2518A printers. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://jvn.jp/en/vu/JVNVU97136265/index.html • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3497 – Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-3497
14 Jun 2024 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Toshiba e-STUDIO2518A printers. ... An attacker can leverage this vulnerability to execute code in the context of root. • https://jvn.jp/en/vu/JVNVU97136265/index.html • CWE-23: Relative Path Traversal •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27180 – TOCTOU vulnerability
https://notcve.org/view.php?id=CVE-2024-27180
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-276: Incorrect Default Permissions •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27179 – Session disclosure inside the log files
https://notcve.org/view.php?id=CVE-2024-27179
14 Jun 2024 — En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more. • https://packetstorm.news/files/id/179367 • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27178 – Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27178
14 Jun 2024 — An attacker can get Remote Code Execution by overwriting files. ... This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... Para obtener detalles sobre otras vulnerabilidades relacionadas, consulte al siguiente punto de contacto. https://www.toshibatec.com/contacts/products/ En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerabl... • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27177 – Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27177
14 Jun 2024 — An attacker can get Remote Code Execution by overwriting files. ... This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... Para obtener detalles sobre otras vulnerabilidades relacionadas, consulte al siguiente punto de contacto. https://www.toshibatec.com/contacts/products/ En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerabl... • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27176 – Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-27176
14 Jun 2024 — An attacker can get Remote Code Execution by overwriting files. ... This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... Para obtener detalles sobre otras vulnerabilidades relacionadas, consulte al siguiente punto de contacto. https://www.toshibatec.com/contacts/products/ En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerabl... • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27175 – Local File Inclusion
https://notcve.org/view.php?id=CVE-2024-27175
14 Jun 2024 — Remote Command program allows an attacker to read any file using a Local File Inclusion vulnerability. ... El programa Remote Command permite a un atacante leer cualquier archivo utilizando una vulnerabilidad de inclusión de archivos locales. ... En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. 103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privil... • https://packetstorm.news/files/id/179367 • CWE-73: External Control of File Name or Path •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-27174 – insecure upload
https://notcve.org/view.php?id=CVE-2024-27174
14 Jun 2024 — Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. ... El programa Remote Command permite a un atacante obtener la ejecución remota de código. ... Para obtener detalles sobre otras vulnerabilidades relacionadas, consulte al siguiente punto de contacto. • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-27173 – insecure upload
https://notcve.org/view.php?id=CVE-2024-27173
14 Jun 2024 — Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. This vulnerability can be executed in combination with... • https://packetstorm.news/files/id/179367 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •