exploitDog

CVE-2019-13195

Опубликовано: 13 мар. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.

Ссылки

https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers/
Third Party Advisory
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:kyocera:ecosys_m5526cdw_firmware:2r7_2000.001.701:*:*:*:*:*:*:*

cpe:2.3:h:kyocera:ecosys_m5526cdw:-:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00186

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-pchm-v2q2-6vm7

github

больше 3 лет назад

The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system.

EPSS

Процентиль: 40%

0.00186

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-22