Vulnerabilities > Kyocera > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-50916 Path Traversal vulnerability in Kyocera Device Manager
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path.
network
low complexity
kyocera CWE-22
7.2
2023-11-03 CVE-2023-34260 Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware 2Vgs000.002.561
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory.
network
low complexity
kyocera CWE-22
7.5
2022-04-04 CVE-2022-1026 Insufficiently Protected Credentials vulnerability in Kyocera NET Viewer 2S01000.005.0012S52000.002.505
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
network
low complexity
kyocera CWE-522
8.6
2021-05-10 CVE-2020-23575 Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware
A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus.
network
low complexity
kyocera CWE-22
7.5
2020-03-13 CVE-2019-13196 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
8.8
2020-03-13 CVE-2019-13195 Path Traversal vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.
network
low complexity
kyocera CWE-22
7.5
2020-03-13 CVE-2019-13206 Classic Buffer Overflow vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-120
8.8
2020-03-13 CVE-2019-13205 Missing Authentication for Critical Function vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users.
network
low complexity
kyocera CWE-306
7.5
2020-03-13 CVE-2019-13203 Integer Overflow or Wraparound vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
network
low complexity
kyocera CWE-190
8.8
2019-06-06 CVE-2019-6452 Insufficiently Protected Credentials vulnerability in Kyocera Command Center RX
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password.
network
low complexity
kyocera CWE-522
8.8