Vulnerability Description
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
CVSS Score
9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Toshibatec | E-Studio1058 Firmware | <= t1.01.h4.00 |
| Toshibatec | E-Studio1058 | - |
| Toshibatec | E-Studio1208 Firmware | <= t1.01.h4.00 |
| Toshibatec | E-Studio1208 | - |
| Toshibatec | E-Studio908 Firmware | <= t2.12.h3.00 |
| Toshibatec | E-Studio908 | - |
| Sharp | Bp-90C70 Firmware | - |
| Sharp | Bp-90C70 | - |
| Sharp | Bp-90C80 Firmware | - |
| Sharp | Bp-90C80 | - |
| Sharp | Bp-70C65 Firmware | - |
| Sharp | Bp-70C65 | - |
| Sharp | Bp-70C55 Firmware | - |
| Sharp | Bp-70C55 | - |
| Sharp | Bp-70C45 Firmware | - |
| Sharp | Bp-70C45 | - |
| Sharp | Bp-70C36 Firmware | - |
| Sharp | Bp-70C36 | - |
| Sharp | Bp-70C31 Firmware | - |
| Sharp | Bp-70C31 | - |
Related Weaknesses (CWE)
References
- https://global.sharp/products/copier/info/info_security_2024-10.htmlVendor Advisory
- https://jvn.jp/en/vu/JVNVU95063136/Third Party Advisory
- https://www.toshibatec.com/information/20241025_01.htmlVendor Advisory
FAQ
What is CVE-2024-47406?
CVE-2024-47406 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
How severe is CVE-2024-47406?
CVE-2024-47406 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-47406?
Check the references section above for vendor advisories and patch information. Affected products include: Toshibatec E-Studio1058 Firmware, Toshibatec E-Studio1058, Toshibatec E-Studio1208 Firmware, Toshibatec E-Studio1208, Toshibatec E-Studio908 Firmware.