CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-18006

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0650%
EPSS Percentile20.82th
Published2018年12月14日
Last Modified2024年11月21日

Vulnerability Description

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.

Affected Platforms (CPE)

📦
Ricoh

Myprint

= 2.2.7
📦
Ricoh

Myprint

= 2.9.2.4

References & Advisories

🔗 http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html
🔗 http://seclists.org/fulldisclosure/2018/Nov/46
🔗 http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html
🔗 http://seclists.org/fulldisclosure/2018/Nov/46

相關漏洞威脅

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-100012410.0

I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.p...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...

CVE-2018-022210.0

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an...