CVE Tools

toshibatec

Hardware FirmwareJPcommercial

10

Cumulative CVEs

2

Monthly snapshots

#78

Peak rank

Top products

e-studio1058 firmware9 e-studio1208 firmware9 e-studio908 firmware9

Latest CVEs

The 12 most recently published vulnerabilities affecting toshibatec.

CVE-2024-48870Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, ...6.2Oct 25, 2024
CVE-2024-47801Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected pr...7.4Oct 25, 2024
CVE-2024-47549Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to ...7.4Oct 25, 2024
CVE-2024-47406Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.9.1Oct 25, 2024
CVE-2024-47005Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted. A non-administrative user may execute som...8.1Oct 25, 2024
CVE-2024-45842Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP req...5.3Oct 25, 2024
CVE-2024-45829Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTT...4.9Oct 25, 2024
CVE-2024-43424Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.7.5Oct 25, 2024
CVE-2024-42420Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests m...7.5Oct 25, 2024
CVE-2023-29984Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product ...7.5Jul 11, 2023
CVE-2014-1990Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the auth...6.8Apr 19, 2014
CVE-2012-1239The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attack...10.0Apr 6, 2012