Vulnerability Description
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kyocera | D-Copia253Mf Plus Firmware | <= 2vg_s000.002.561 |
| Kyocera | D-Copia253Mf Plus | - |
Related Weaknesses (CWE)
References
- https://sec-consult.com/vulnerability-lab/Third Party Advisory
- https://seclists.org/fulldisclosure/2023/Jul/15ExploitMailing ListThird Party Advisory
- https://sec-consult.com/vulnerability-lab/Third Party Advisory
- https://seclists.org/fulldisclosure/2023/Jul/15ExploitMailing ListThird Party Advisory
FAQ
What is CVE-2023-34259?
CVE-2023-34259 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: ...
How severe is CVE-2023-34259?
CVE-2023-34259 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-34259?
Check the references section above for vendor advisories and patch information. Affected products include: Kyocera D-Copia253Mf Plus Firmware, Kyocera D-Copia253Mf Plus.