VYPR
Vendor

Kyocera

Products
24
CVEs
31
Across products
41
Status
Private

Products

24

Recent CVEs

31
View all 31 CVEs →
  • CVE-2023-49367HigSep 18, 2025
    risk 0.57cvss 8.8epss 0.00

    An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain sensitive information via inspecting sent packages by user.

  • CVE-2023-34259Nov 3, 2023
    risk 0.07cvss epss 0.58

    Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.

  • CVE-2022-1026Apr 4, 2022
    risk 0.07cvss epss 0.15

    Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.

  • CVE-2020-23575May 10, 2021
    risk 0.07cvss epss 0.37

    A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the affected server.

  • CVE-2019-25254Dec 24, 2025
    risk 0.00cvss epss 0.00

    KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with…

  • CVE-2019-25253Dec 24, 2025
    risk 0.00cvss epss 0.01

    KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve…

  • CVE-2023-50916Jan 10, 2024
    risk 0.00cvss epss 0.05

    Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change…

  • CVE-2023-34260Nov 3, 2023
    risk 0.00cvss epss 0.68

    Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory.

  • CVE-2023-34261Nov 3, 2023
    risk 0.00cvss epss 0.07

    Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.

  • CVE-2023-25954Apr 13, 2023
    risk 0.00cvss epss 0.00

    KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. When a malicious app is installed on the victim user's Android device, the app may…

  • CVE-2022-41798Dec 5, 2022
    risk 0.00cvss epss 0.01

    Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to log in to the product by spoofing a user with guessed session information. Affected products/versions are as follows:…

  • CVE-2022-41807Dec 5, 2022
    risk 0.00cvss epss 0.00

    Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows:…

  • CVE-2022-41830Dec 5, 2022
    risk 0.00cvss epss 0.01

    Stored cross-site scripting vulnerability in Kyocera Document Solutions MFPs and printers allows a remote authenticated attacker with an administrative privilege to inject arbitrary script. Affected products/versions are as follows: TASKalfa 7550ci/6550ci, TASKalfa…

  • CVE-2020-25890Nov 17, 2020
    risk 0.00cvss epss 0.01

    The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web…

  • CVE-2019-13195Mar 13, 2020
    risk 0.00cvss epss 0.03

    The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.

  • CVE-2019-13196Mar 13, 2020
    risk 0.00cvss epss 0.02

    Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service…

  • CVE-2019-13197Mar 13, 2020
    risk 0.00cvss epss 0.03

    Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the URI paths of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially…

  • CVE-2019-13198Mar 13, 2020
    risk 0.00cvss epss 0.01

    The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions.

  • CVE-2019-13199Mar 13, 2020
    risk 0.00cvss epss 0.01

    Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device.

  • CVE-2019-13200Mar 13, 2020
    risk 0.00cvss epss 0.01

    The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted…