← voltar
CVE-2019-25324

RICOH Web Image Monitor 1.09 - HTML Injection

CVSS 5.1 MEDIUMEPSS 0.2%CWE-79
RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling cross-site scripting attacks.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Produtos afetados
RICOH · RICOH Web Image Monitor

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://support-download.com/services/device/webhlp/nb/gen/v140cc1/en/p_top010.htmlhttps://www.exploit-db.com/exploits/47827https://www.ricoh.com/https://www.vulncheck.com/advisories/ricoh-web-image-monitor-html-injection