Vulnerabilities > Kyocera

DATE CVE VULNERABILITY TITLE RISK
2022-04-04 CVE-2022-1026 Insufficiently Protected Credentials vulnerability in Kyocera NET Viewer
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
network
low complexity
kyocera CWE-522
5.0
2021-05-10 CVE-2020-23575 Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware
A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus.
network
low complexity
kyocera CWE-22
5.0
2020-11-17 CVE-2020-25890 Cross-site Scripting vulnerability in Kyocera Ecosys M2640Idw Firmware
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book".
network
kyocera CWE-79
4.3
2020-03-13 CVE-2019-13202 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the okhtmlfile and failhtmlfile parameters of several functionalities of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
critical
10.0
2020-03-13 CVE-2019-13201 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the LPD service.
network
low complexity
kyocera CWE-120
critical
10.0
2020-03-13 CVE-2019-13200 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS.
network
kyocera CWE-79
4.3
2020-03-13 CVE-2019-13199 Cross-Site Request Forgery (CSRF) vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF.
network
kyocera CWE-352
4.3
2020-03-13 CVE-2019-13198 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS.
network
kyocera CWE-79
4.3
2020-03-13 CVE-2019-13197 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the URI paths of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
critical
10.0
2020-03-13 CVE-2019-13196 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
critical
9.0