CVE-2022-37406
N/A
N/A
Summary
Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| RICOH COMPANY, LTD. | Aficio SP 4210N | firmware versions prior to Web Support 1.05 | affected |
Weaknesses
- Cross-site scripting
ADP Enrichment
CVE Program Container
Additional References
- https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm
- https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm
- https://jvn.jp/en/jp/JVN24659622/index.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htm
- https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/4101044/4101044791/V101/5236968/redirect_CLUTool_DOM/history.htm
- https://jvn.jp/en/jp/JVN24659622/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.