Toshiba Tec Printers
by Toshiba
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-27145 | Cri | 0.64 | 9.8 | 0.00 | Jun 14, 2024 | The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and … | ||
| CVE-2024-27170 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL. | ||
| CVE-2024-27158 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL. | ||
| CVE-2024-27163 | Med | 0.42 | 6.5 | 0.00 | Jun 14, 2024 | Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and… | ||
| CVE-2024-27161 | Med | 0.40 | 6.2 | 0.00 | Jun 14, 2024 | all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other… |
- risk 0.64cvss 9.8epss 0.00
The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and …
- risk 0.48cvss 7.4epss 0.00
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the readable file. Then, it is possible to get a full access with WebDAV to the printer. As for the affected products/models/versions, see the reference URL.
- risk 0.48cvss 7.4epss 0.00
All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL.
- risk 0.42cvss 6.5epss 0.00
Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an admin or abusing a XSS vulnerability can recover this password in clear-text and…
- risk 0.40cvss 6.2epss 0.00
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the encryption. This vulnerability can be executed in combination with other…