Path Traversal Vulnerability in installed_emanual_list.html
CVE-2024-33605

7.5HIGH

Key Information:

Vendor

Sharp Corporation

Status
Multiple Mfps (multifunction Printers)
Vendor
CVE Published:
26 November 2024

What is CVE-2024-33605?

A path traversal vulnerability has been identified in Sharp and Toshiba multifunction printers due to improper processing of parameters in the installed_emanual_list.html file. This flaw could allow an attacker to access unauthorized files on the server, potentially leading to sensitive information exposure. It is crucial for users of the affected printer models to apply recommended security measures provided by the vendors to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Multiple MFPs (multifunction printers) See the information provided by Sharp Corporation listed under [References]

Multiple MFPs (multifunction printers) See the information provided by Toshiba Tec Corporation listed under [References]

References

https://global.sharp/products/copier/info/info_security_2...
https://jp.sharp/business/print/information/info_security...
https://www.toshibatec.com/information/20240531_02.html

EPSS Score

51% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.