Vulnerability Description
Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ricoh | Aficio Sp 4210N Firmware | < 1.05 |
| Ricoh | Aficio Sp 4210N | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN24659622/index.htmlThird Party Advisory
- https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htmProductVendor Advisory
- https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/410Release NotesVendor Advisory
- https://jvn.jp/en/jp/JVN24659622/index.htmlThird Party Advisory
- https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/sp42/sp42.htmProductVendor Advisory
- https://support.ricoh.com/bbv2/html/dr_ut_d/ipsio/history/w/bb/pub_j/dr_ut_d/410Release NotesVendor Advisory
FAQ
What is CVE-2022-37406?
CVE-2022-37406 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Cross-site scripting vulnerability in Aficio SP 4210N firmware versions prior to Web Support 1.05 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
How severe is CVE-2022-37406?
CVE-2022-37406 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-37406?
Check the references section above for vendor advisories and patch information. Affected products include: Ricoh Aficio Sp 4210N Firmware, Ricoh Aficio Sp 4210N.