Vulnerabilities in Sharp Corporation
42 resultsCVE-2024-23788CRITICALServer-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier alloEPSS 0.8%CVE-2024-23786CRITICALCross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a neEPSS 0.8%CVE-2024-34162MEDIUMThe web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP autheEPSS 0.8%CVE-2024-42420HIGHSharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improEPSS 0.7%CVE-2024-43424HIGHSharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability.
Crafted HTTP requestsEPSS 0.7%CVE-2024-46873CRITICALMultiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote EPSS 0.7%CVE-2024-36254HIGHOut-of-bounds read vulnerability exists in Sharp Corporation and Toshiba Tec Corporation multiple MFPs (multifunction printers), which may lEPSS 0.7%CVE-2024-45829MEDIUMSharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulEPSS 0.7%CVE-2024-47406CRITICALSharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.EPSS 0.6%CVE-2024-47864MEDIUMhome 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote EPSS 0.6%CVE-2024-45842MEDIUMSharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability.
Unintended internaEPSS 0.5%CVE-2024-36249HIGHCross-site scripting vulnerability exists in Sharp Corporation and Toshiba Tech Corporation multiple MFPs (multifunction printers). If this EPSS 0.5%CVE-2024-23783HIGHImproper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows aEPSS 0.5%CVE-2024-52321MEDIUMMultiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files conEPSS 0.5%CVE-2024-47005HIGHSharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficientEPSS 0.5%CVE-2017-10890—Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmwaEPSS 0.4%CVE-2024-23784MEDIUMImproper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, EPSS 0.4%CVE-2024-23785MEDIUMCross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allowEPSS 0.4%CVE-2024-47801HIGHSharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerabilityEPSS 0.3%CVE-2024-47549HIGHSharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP reEPSS 0.3%