CVE-2025-36506

Summary

External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data.

Affected Software

VendorProductVersion RangeStatus
Ricoh Company, Ltd.RICOH Streamline NX V3 PC Clientversions 3.5.0 to 3.242.0affected

Weaknesses

  • CWE-73: External control of file name or path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References