Page 6 of 45 results (0.014 seconds)

CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0

All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. Todas las impresoras Toshiba comparten la misma contraseña raíz codificada. En cuanto a los productos/modelos/versiones afectados, consulte la URL de referencia. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-1392: Use of Default Credentials •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. Las sesiones se almacenan en registros de texto plano. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference URL. Las cookies de sesión, utilizadas para la autenticación, se almacenan en registros de texto plano. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL. Las impresoras Toshiba son afectadas por una vulnerabilidad de escalada de privilegios local. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-276: Incorrect Default Permissions •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

Passwords are stored in clear-text logs. An attacker can retrieve passwords. As for the affected products/models/versions, see the reference URL. Las contraseñas se almacenan en registros de texto plano. Un atacante puede recuperar contraseñas. • http://seclists.org/fulldisclosure/2024/Jul/1 https://jvn.jp/en/vu/JVNVU97136265/index.html https://www.toshibatec.com/information/20240531_01.html https://www.toshibatec.com/information/pdf/information20240531_01.pdf • CWE-532: Insertion of Sensitive Information into Log File •