Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders.
References
Link | Resource |
---|---|
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-ricoh-printers/ | Third Party Advisory |
https://www.ricoh-usa.com/en/support-and-download | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-13T18:47:15
Updated: 2020-03-13T18:47:15
Reserved: 2019-07-27T00:00:00
Link: CVE-2019-14309
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-13T19:15:16.837
Modified: 2020-03-18T16:14:50.957
Link: CVE-2019-14309
JSON object: View
Redhat Information
No data.
CWE