Vulnerabilities > Kyocera > Taskalfa 306I Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-41798 Authentication Bypass by Spoofing vulnerability in Kyocera products
Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information.
low complexity
kyocera CWE-290
6.5
2022-12-05 CVE-2022-41807 Missing Authorization vulnerability in Kyocera products
Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request.
low complexity
kyocera CWE-862
6.5
2022-12-05 CVE-2022-41830 Cross-site Scripting vulnerability in Kyocera products
Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script.
network
low complexity
kyocera CWE-79
4.8