Описание
Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages.
Crafted HTTP requests may cause affected products crashed.
Затрагиваемое ПО
Toshibatec E-studio1058 firmwareToshibatec E-studio1058Toshibatec E-studio1208 firmwareToshibatec E-studio1208Toshibatec E-studio908 firmwareToshibatec E-studio908Sharp Bp-90c70 firmwareSharp Bp-90c70Sharp Bp-90c80 firmwareSharp Bp-90c80Sharp Bp-70c65 firmwareSharp Bp-70c65Sharp Bp-70c55 firmwareSharp Bp-70c55Sharp Bp-70c45 firmwareSharp Bp-70c45Sharp Bp-70c36 firmwareSharp Bp-70c36Sharp Bp-70c31 firmwareSharp Bp-70c31Sharp Bp-60c45 firmwareSharp Bp-60c45Sharp Bp-60c36 firmwareSharp Bp-60c36Sharp Bp-60c31 firmware
CVSS
| Балл | 7.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Источники
https://global.sharp/products/copier/info/info_security_2024-10.htmlhttps://jvn.jp/en/vu/JVNVU95063136/https://www.toshibatec.com/information/20241025_01.html