CVE-2024-47406

Summary

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.

Affected Software

VendorProductVersion RangeStatus
Sharp CorporationSharp Digital Full-color MFPs and Monochrome MFPssee the information provided by Sharp Corporationaffected
Toshiba Tec Corporatione-STUDIO 908T2.12.h3.00 and earlier versionsaffected
Toshiba Tec Corporatione-STUDIO 1058T1.01.h4.00 and earlier versionsaffected
Toshiba Tec Corporatione-STUDIO 1208T1.01.h4.00 and earlier versionsaffected

Weaknesses

  • CWE-288: Authentication Bypass Using an Alternate Path or Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References