Remote Command Execution Vulnerability in RICOH Interactive Whiteboard Products
CVE-2018-16184

9.8CRITICAL

Key Information:

Vendor: Ricoh Company, Ltd.
Status: Ricoh Interactive Whiteboard
Vendor: CVE Published:; 9 January 2019

🔔 Create Ricoh Company, Ltd. Vulnerability Alert

What is CVE-2018-16184?

The RICOH Interactive Whiteboard series, including models D2200, D5500, D5510, and others, is vulnerable to a remote command execution flaw. This vulnerability allows attackers to execute arbitrary commands on affected devices via unspecified vectors. Users with devices running firmware versions from V1.6 to V2.2 are particularly at risk. It is crucial for users to apply updates and implement security best practices to safeguard their systems against potential exploits.

Affected Version(s)

RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400)

References

https://jvn.jp/en/jp/JVN55263945/index.html

third-party-advisoryx_refsource_JVN

https://www.ricoh.com/info/2018/1127_1.html

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 9, 2019
Vulnerability Reserved
Aug 30, 2018