Vulnerabilities > Kyocera

DATE CVE VULNERABILITY TITLE RISK
2020-11-17 CVE-2020-25890 Cross-site Scripting vulnerability in Kyocera Ecosys M2640Idw Firmware
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book".
network
low complexity
kyocera CWE-79
6.1
2020-03-13 CVE-2019-13202 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the okhtmlfile and failhtmlfile parameters of several functionalities of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
critical
9.8
2020-03-13 CVE-2019-13201 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the LPD service.
network
low complexity
kyocera CWE-120
critical
9.8
2020-03-13 CVE-2019-13200 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS.
network
low complexity
kyocera CWE-79
6.1
2020-03-13 CVE-2019-13199 Cross-Site Request Forgery (CSRF) vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF.
network
low complexity
kyocera CWE-352
6.5
2020-03-13 CVE-2019-13198 Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS.
network
low complexity
kyocera CWE-79
6.1
2020-03-13 CVE-2019-13197 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the URI paths of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
critical
9.8
2020-03-13 CVE-2019-13196 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
8.8
2020-03-13 CVE-2019-13195 Path Traversal vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.
network
low complexity
kyocera CWE-22
7.5
2020-03-13 CVE-2019-13206 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
8.8