Vulnerabilities > Kyocera > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-13 | CVE-2019-13199 | Cross-Site Request Forgery (CSRF) vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701 Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF. | 4.3 |
| 2020-03-13 | CVE-2019-13198 | Cross-site Scripting vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701 The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS. | 4.3 |
| 2020-03-13 | CVE-2019-13195 | Path Traversal vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701 The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system. | 5.0 |
| 2020-03-13 | CVE-2019-13205 | Information Exposure vulnerability in Kyocera Ecosys M5526Cdw Firmware 2R72000.001.701 All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. | 5.0 |
| 2019-06-06 | CVE-2019-6452 | Insufficiently Protected Credentials vulnerability in Kyocera Command Center RX Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. | 4.0 |
| 2019-05-14 | CVE-2018-16656 | Information Exposure vulnerability in Kyocera Taskalfa 4002I Firmware and Taskalfa 6002I Firmware DoBox_CstmBox_Info.model.htm on Kyocera TASKalfa 4002i and 6002i devices allows remote attackers to read the documents of arbitrary users via a modified HTTP request. | 5.0 |
| 2006-02-19 | CVE-2006-0788 | Unspecified vulnerability in Kyocera Fs-3830N Kyocera 3830 (aka FS-3830N) printers have a back door that allows remote attackers to read and alter configuration settings via strings that begin with "!R!SIOP0", as demonstrated using (1) a connection to to TCP port 9100 or (2) the UNIX lp command. | 5.0 |