VYPR

SP C250dn

by Ricoh

CVEs (8)

  • CVE-2019-14310CriMar 13, 2020
    risk 0.64cvss 9.8epss 0.02

    Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets

  • CVE-2019-14299CriMar 13, 2020
    risk 0.64cvss 9.8epss 0.01

    Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.

  • CVE-2019-14304HigJan 10, 2020
    risk 0.57cvss 8.8epss 0.01

    Ricoh SP C250DN 1.06 devices allow CSRF.

  • CVE-2019-14309HigMar 13, 2020
    risk 0.49cvss 7.5epss 0.01

    Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders.

  • CVE-2019-14303HigMar 13, 2020
    risk 0.49cvss 7.5epss 0.01

    Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that lead to a denial of service vulnerability.

  • CVE-2019-14306HigJan 10, 2020
    risk 0.49cvss 7.5epss 0.01

    Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).

  • CVE-2019-14301HigJan 10, 2020
    risk 0.49cvss 7.5epss 0.01

    Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).

  • CVE-2019-14302MedJan 10, 2020
    risk 0.44cvss 6.8epss 0.00

    On Ricoh SP C250DN 1.06 devices, a debug port can be used.