kyoceramita scanner file utility 3.3.0.1 vulnerabilities and exploits

(subscribe to this query)

7.8

CVSSv2

Directory traversal vulnerability in the Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote malicious users to upload files to arbitrary locations via a .. (dot dot) in a request.

Kyoceramita Scanner File Utility 3.3.0.1

1 EDB exploit

9.3

CVSSv2

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote malicious users to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109.

Kyoceramita Scanner File Utility 3.3.0.1

5

CVSSv2

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote malicious users to cause a denial of service (hang or crash) via invalid field length values in a malformed (1) document or (2) request.

Kyoceramita Scanner File Utility 3.3.0.1

6.4

CVSSv2

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of predictable user identification numbers for access control, which allows remote malicious users to upload documents via a brute force attack.

Kyoceramita Scanner File Utility 3.3.0.1

10

CVSSv2

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote malicious users to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.

Kyoceramita Scanner File Utility 3.3.0.1

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook