Vulnerabilities > Kyocera > Ecosys M5526Cdw Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2019-13200 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS.
network
kyocera CWE-79
4.3
2020-03-13 CVE-2019-13199 Cross-Site Request Forgery (CSRF) vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF.
network
kyocera CWE-352
4.3
2020-03-13 CVE-2019-13198 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS.
network
kyocera CWE-79
4.3
2020-03-13 CVE-2019-13195 Path Traversal vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.
network
low complexity
kyocera CWE-22
5.0
2020-03-13 CVE-2019-13205 Information Exposure vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users.
network
low complexity
kyocera CWE-200
5.0