Vulnerabilities > Kyocera > Ecosys M2535Dn Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-05 | CVE-2022-41798 | Authentication Bypass by Spoofing vulnerability in Kyocera products Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. | 6.5 |
2022-12-05 | CVE-2022-41807 | Missing Authorization vulnerability in Kyocera products Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. | 6.5 |
2022-12-05 | CVE-2022-41830 | Cross-site Scripting vulnerability in Kyocera products Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. | 4.8 |