CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-17312

On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://packetstormsecurity.com/files/149496/RICOH-Aficio-MP-301-Printer-Cross-Site-Scripting.html
http://packetstormsecurity.com/files/149496/RICOH-Aficio-MP-301-Printer-Cross-Site-Scripting.html

Products affected by CVE-2018-17312

Ricoh » Aficio Mp 301spf » Version: N/A

cpe:2.3:h:ricoh:aficio_mp_301spf:-
Ricoh » Aficio Mp 301spf Firmware » Version: N/A

cpe:2.3:o:ricoh:aficio_mp_301spf_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17312

Products

Pricing

Contact Us