Vulnerabilities > Kyocera

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2019-13205 Missing Authentication for Critical Function vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users.
network
low complexity
kyocera CWE-306
7.5
2020-03-13 CVE-2019-13204 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by multiple buffer overflow vulnerabilities in the IPP service.
network
low complexity
kyocera CWE-120
critical
9.8
2020-03-13 CVE-2019-13203 Integer Overflow or Wraparound vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-190
8.8
2019-06-06 CVE-2019-6452 Insufficiently Protected Credentials vulnerability in Kyocera Command Center RX
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password.
network
low complexity
kyocera CWE-522
8.8
2019-05-14 CVE-2018-16656 Information Exposure vulnerability in Kyocera Taskalfa 4002I Firmware and Taskalfa 6002I Firmware
DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request.
network
low complexity
kyocera CWE-200
7.5