Vulnerabilidades em Sharp Corporation

42 resultados

CVE-2024-33610CRITICAL"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. "sessionlist.html" provides logged-in users' sessioEPSS 45.1%CVE-2024-33605HIGHImproper processing of some parameters of installed_emanual_list.html leads to a path traversal vulnerability. As for the details of affecteEPSS 6.2%CVE-2024-36251HIGHThe web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafteEPSS 3.5%CVE-2024-28038CRITICALThe web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving toEPSS 2.6%CVE-2017-2190—Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gainEPSS 1.6%CVE-2017-2192—Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verifyEPSS 1.6%CVE-2024-28955MEDIUMAffected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine tEPSS 1.3%CVE-2024-32151MEDIUMUser passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump fiEPSS 1.3%CVE-2024-29978MEDIUMUser passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump fiEPSS 1.3%CVE-2020-5571—SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 buildEPSS 1.2%CVE-2024-54082HIGHhome 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS cEPSS 1.2%CVE-2024-45721HIGHhome 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration scEPSS 1.2%CVE-2024-23789CRITICALEnergy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attackeEPSS 1.2%CVE-2017-2189—Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a TrojaEPSS 1.1%CVE-2024-36248CRITICALAPI keys for some cloud services are hardcoded in the "main" binary. As for the details of affected product names, model numbers, and versioEPSS 1.1%CVE-2024-35244CRITICALThere are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords (e.g., by EPSS 1.1%CVE-2017-2191—Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 vEPSS 1.1%CVE-2024-33616MEDIUMAdmin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. SharpEPSS 0.9%CVE-2024-23787HIGHPath traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-EPSS 0.9%CVE-2024-29146MEDIUMUser passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump fiEPSS 0.9%

← anteriorpágina 1 / 3próxima →