Critical severity9.1NVD Advisory· Published Nov 26, 2024· Updated Apr 15, 2026
CVE-2024-33610
CVE-2024-33610
Description
"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' session information including session cookies, and "sys_trayentryreboot.html" allows to reboot the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- seclists.org/fulldisclosure/2024/Jul/0nvd
- global.sharp/products/copier/info/info_security_2024-05.htmlnvd
- jp.sharp/business/print/information/info_security_2024-05.htmlnvd
- jvn.jp/en/vu/JVNVU93051062/nvd
- pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.htmlnvd
- www.toshibatec.co.jp/information/20240531_02.htmlnvd
- www.toshibatec.com/information/20240531_02.htmlnvd
News mentions
0No linked articles in our index yet.