Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Kyocera Subscribe
Filtered by product Ecosys M5526cdw

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13205 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2021-07-21 5.0 MEDIUM 7.5 HIGH
All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when authenticated, and the pages that loaded this information were also protected. However, all files that contained the configuration parameters were accessible. These files contained sensitive information, such as users, community strings, and other passwords configured in the printer.
CVE-2019-13195 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2020-03-19 5.0 MEDIUM 7.5 HIGH
The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.
CVE-2019-13196 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2020-03-18 9.0 HIGH 8.8 HIGH
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
CVE-2019-13206 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2020-03-18 9.0 HIGH 8.8 HIGH
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.
CVE-2019-13203 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2020-03-18 9.0 HIGH 8.8 HIGH
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.