CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities

Software

Searching vulnerabilities affecting “toshibatec”

10 vulnerabilities found for “toshibatec”

CVE-2024-45842

MEDIUM5.3

Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-47801

HIGH7.4

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-48870

MEDIUM6.2

Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-47549

HIGH7.4

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-45829

MEDIUM4.9

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-43424

HIGH7.5

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-42420

HIGH7.5

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-47406

CRITICAL9.1

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2024-47005

HIGH8.1

Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute some configuration APIs.

toshibatec / e-studio1058_firmware+319

Network

Published Oct 25, 2024

CVE-2023-29984

HIGH7.5

Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor.

fujifilm / docuprint_m265_z_firmware+216

Network

Published Jul 11, 2023