cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-3498,https://securityvulnerability.io/vulnerability/CVE-2024-3498,HP Printers Vulnerable to Remote Code Execution via Web Configuration,"A vulnerability exists within Toshiba Multifunction Printers that allows attackers to exploit certain web-enabled services through the printer's configuration page. By manipulating these services, attackers can successfully execute malicious files and elevate their privileges to root, potentially compromising sensitive data and system integrity. Organizations utilizing affected models should apply security patches and configure their systems to mitigate the risk of unauthorized access.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:20:01.103Z,0
CVE-2024-3497,https://securityvulnerability.io/vulnerability/CVE-2024-3497,Printer Path Traversal Vulnerability Allows Overwriting of Original Files or Adding New Ones,"A path traversal vulnerability exists within the web server of Toshiba printers, enabling potential attackers to perform unauthorized file operations. This security flaw permits malicious actors to overwrite existing files or introduce new files on the printer's storage system. Organizations relying on Toshiba printers are at risk of data loss and unauthorized access, necessitating immediate attention to security protocols and potential patch management. Further details regarding affected models and versions can be found through provided resources.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),8.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:17:56.164Z,0
CVE-2024-3496,https://securityvulnerability.io/vulnerability/CVE-2024-3496,Printers Vulnerable to Authentication Bypass Attacks,"The vulnerability presents a significant risk as attackers are able to bypass the web login authentication process of Toshiba printers, gaining unauthorized access to sensitive system information. Once access is achieved, it becomes possible for malicious actors to upload harmful drivers to the affected printers, which can lead to further security breaches and exploitation of the device's capabilities. Organizations utilizing these printers should prioritize updating their systems and ensuring appropriate security measures are in place to mitigate the potential risks associated with this vulnerability.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),8.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:13:22.003Z,0
CVE-2024-27178,https://securityvulnerability.io/vulnerability/CVE-2024-27178,Toshiba Vulnerability: Remote Code Execution through File Overwriting,"A vulnerability has been identified in Toshiba Multifunction Printers that allows an attacker to perform Remote Code Execution by manipulating file name variables to overwrite files. This exploitation can occur in conjunction with other vulnerabilities, complicating detection and execution in isolation. Although the base score of this vulnerability may be perceived as lower, its potential for exploitation in the presence of related vulnerabilities necessitates immediate attention. For additional details on affected models and mitigation strategies, refer to Toshiba's informational resources.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:08:21.126Z,0
CVE-2024-27177,https://securityvulnerability.io/vulnerability/CVE-2024-27177,Toshiba Vulnerability: Remote Code Execution through File Overwriting,"A notable vulnerability exists in Toshiba products that permits remote code execution through unauthorized file overwriting. The exploit takes advantage of a flawed package name variable, which can be manipulated by attackers. While this vulnerability may require the presence of additional vulnerabilities to be successfully executed, it poses a significant risk, particularly within environments utilizing affected Toshiba product models and versions. Comprehensive assessments of affected systems and implemented security measures are imperative to mitigate potential exploitation.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:06:54.881Z,0
CVE-2024-27176,https://securityvulnerability.io/vulnerability/CVE-2024-27176,Toshiba Vulnerability: Remote Code Execution via Falsified Session ID,"A vulnerability allows an attacker to execute remote code by exploiting a flaw in Toshiba’s Document Solutions. Through manipulation of session ID variables, an attacker can overwrite files, potentially leading to unauthorized operations on affected devices. This vulnerability poses a significant risk, particularly when combined with other existing vulnerabilities, potentially amplifying its impact. Precautions need to be taken by users of affected products to mitigate risks associated with this vulnerability, and additional information is available via Toshiba's contact points for further details.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:05:52.395Z,0
CVE-2024-27174,https://securityvulnerability.io/vulnerability/CVE-2024-27174,Toshiba Remote Command Vulnerability Allows for Remote Code Execution,"The vulnerability in the Toshiba Remote Command Program enables an attacker to execute remote code under specific conditions. While this vulnerability is difficult to exploit independently, it can be leveraged in combination with other vulnerabilities, potentially amplifying its impact. This complex exploit situation implies that attackers must possess a nuanced understanding of the underlying systems in order to successfully execute malicious commands. For more detailed information about this vulnerability and any related concerns, please contact Toshiba support.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),9.8,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:03:18.120Z,0
CVE-2024-27173,https://securityvulnerability.io/vulnerability/CVE-2024-27173,Toshiba Remote Command Program Vulnerability Allows Remote Code Execution,"A vulnerability in Toshiba Tec's Remote Command program allows for Remote Code Execution by enabling an attacker to overwrite existing Python files containing executable code. While this vulnerability can be executed alongside other existing vulnerabilities, its standalone execution is challenging, resulting in a lower individual severity score. Careful review and mitigation strategies are advised for systems utilizing this software to protect against potential exploitation.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),9.8,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T04:01:54.119Z,0
CVE-2024-27172,https://securityvulnerability.io/vulnerability/CVE-2024-27172,Attackers Can Exploit Remote Command Program Vulnerabilities for Remote Code Execution,"The vulnerability in Toshiba's Remote Command program exposes the affected systems to the risk of unauthorized remote code execution. Attackers could exploit this flaw to execute arbitrary commands on compromised devices, potentially leading to a complete system takeover. The vulnerability is inherent in the way the program processes user inputs, allowing an attacker to send specially crafted requests that can manipulate the execution flow. Organizations using affected versions of the Remote Command Program should review their security measures and apply any available patches to mitigate the risks associated with this vulnerability.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),9.8,CRITICAL,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-14T04:00:40.846Z,0
CVE-2024-27171,https://securityvulnerability.io/vulnerability/CVE-2024-27171,Remote Attacker Can Overwrite Any Python File for Remote Code Execution,"A security vulnerability exists within Toshiba's product suite that allows remote attackers to exploit insecure file upload functionalities. This flaw provides the ability to overwrite any Python files, resulting in potential remote code execution. Users and administrators of affected Toshiba products should prioritize reviewing their environment for this vulnerability and apply necessary patches to mitigate the risk of exploitation.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:59:24.365Z,0
CVE-2024-27170,https://securityvulnerability.io/vulnerability/CVE-2024-27170,Toshiba Printers Vulnerable to WebDAV Access,"A significant security concern has been identified in various Toshiba printers, where user credentials for WebDAV access are stored in a publicly readable file. This flaw opens the door for potential attackers to gain unauthorized full access to the printer's functionalities via WebDAV, posing serious risks to data confidentiality and integrity. Affected models may require immediate attention to mitigate exploitation risks by reviewing access controls and applying any available security patches.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:56:21.336Z,0
CVE-2024-27169,https://securityvulnerability.io/vulnerability/CVE-2024-27169,Toshiba Printers Expose Administrative Access Without Authentication,"A vulnerability exists in Toshiba printers that exposes API endpoints without proper authentication, allowing local attackers to bypass necessary security measures. This flaw enables malicious users to gain unauthorized administrative access, potentially compromising sensitive data and the integrity of the printing environment. Organizations utilizing affected Toshiba printer models should ensure they implement necessary security measures to mitigate the risks associated with this vulnerability.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),8.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:55:04.544Z,0
CVE-2024-27168,https://securityvulnerability.io/vulnerability/CVE-2024-27168,Hardcoded Keys Expose Administrative Interfaces to Attack,"The authentication mechanism in certain Toshiba TEC products uses hardcoded keys for access to internal APIs. This security design flaw can potentially allow an attacker to bypass authentication controls simply by exploiting knowledge of these private keys. As a result, unauthorized individuals may gain access to sensitive administrative interfaces, posing significant risks to the integrity and confidentiality of the affected systems. Organizations using these products are advised to review their security measures and implement alternative authentication strategies to mitigate the risk.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:53:58.804Z,0
CVE-2024-27167,https://securityvulnerability.io/vulnerability/CVE-2024-27167,Toshiba Printers Vulnerable to Email Attack via Insecure Sendmail Configuration,"Toshiba printers utilize Sendmail for email functionality, and this implementation is compromised due to the presence of insecure directories. A local attacker can exploit this vulnerability by injecting a malicious Sendmail configuration file, leading to unauthorized changes in email settings. This vulnerability poses risks for various models and versions of Toshiba printers, making it critical for users to review their security configurations to mitigate potential exploitation.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:52:38.112Z,0
CVE-2024-27166,https://securityvulnerability.io/vulnerability/CVE-2024-27166,Toshiba Printers Vulnerable to Confidential Information Theft,"Toshiba printers have been identified as having a security vulnerability due to incorrect permissions set on core dump binaries. This misconfiguration can potentially allow a local attacker to gain unauthorized access to sensitive and confidential information stored within the printer system. The lack of proper access controls serves as a significant risk, making it crucial for users and administrators to address this issue promptly. For more detailed information, please refer to the documentation provided by Toshiba and various security advisories.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:48:46.097Z,0
CVE-2024-27165,https://securityvulnerability.io/vulnerability/CVE-2024-27165,Toshiba Printers Vulnerable to Local Privilege Escalation Attacks,"Certain Toshiba printers contain a suidperl binary that exposes a vulnerability allowing local attackers to escalate privileges to root level. This flaw can be exploited by individuals with local access to the printer's system, posing a serious risk to networked environments where sensitive data may be processed or transmitted. Users are advised to review the list of impacted models and their respective versions to ensure that the necessary security measures are applied to mitigate potential threats.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:43:22.266Z,0
CVE-2024-27164,https://securityvulnerability.io/vulnerability/CVE-2024-27164,Toshiba Printers Contain Hardcoded Credentials,"Toshiba printers exhibit a significant security vulnerability due to hardcoded credentials within their software. This flaw allows unauthorized access to the device and the potential for exploitation by malicious actors. The presence of these hardcoded credentials undermines the security integrity of the affected products, making it essential for users to review product models and implement recommended security measures as outlined in Toshiba's advisories. Failure to address this vulnerability may lead to unauthorized use, information leakage, and heightened risks to network security.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:42:00.905Z,0
CVE-2024-27158,https://securityvulnerability.io/vulnerability/CVE-2024-27158,Toshiba Printers Share Hardcoded Root Password,"Toshiba printers have a security flaw due to the implementation of a hardcoded root password shared across multiple models. This vulnerability compromises the integrity of the devices, allowing unauthorized users to gain access to administrative privileges without appropriate credentials. The problem arises from insufficient security measures in the device firmware, which fails to restrict access to critical system features. This vulnerability poses serious risks, particularly in environments where sensitive data may be processed or transmitted through these printers. Organizations are advised to check for software updates and apply necessary patches from Toshiba to mitigate this risk.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:24:23.225Z,0
CVE-2024-27155,https://securityvulnerability.io/vulnerability/CVE-2024-27155,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are exposed to a Local Privilege Escalation vulnerability that enables attackers, either local or remote, to compromise the affected devices. This security flaw allows malicious programs to be substituted for legitimate ones, posing significant risks to the integrity and operation of the affected printers. Detailed information regarding the models and versions impacted can be found in the provided references.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.7,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T03:18:25.525Z,0
CVE-2024-27153,https://securityvulnerability.io/vulnerability/CVE-2024-27153,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are exposed to a Local Privilege Escalation vulnerability that allows a remote attacker to exploit the system and gain higher access privileges. This vulnerability can lead to unauthorized access and potential system manipulation, posing significant risks to sensitive data and operational integrity. Affected models may require immediate attention to mitigate the risks extensively outlined in the detailed references. Regular updates and patches are essential to safeguard against such vulnerabilities.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:57:28.015Z,0
CVE-2024-27152,https://securityvulnerability.io/vulnerability/CVE-2024-27152,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are exposed to a Local Privilege Escalation vulnerability that can be exploited remotely. This security flaw allows an attacker to gain unauthorized access to the printer's functions and potentially manipulate or steal sensitive information. The vulnerability affects multiple models of Toshiba printers, thereby posing significant risks to organizations utilizing these devices in their networks. Security teams should assess their current installations and review applicable patches and updates provided by Toshiba to mitigate potential attacks.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:55:47.014Z,0
CVE-2024-27151,https://securityvulnerability.io/vulnerability/CVE-2024-27151,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are affected by a vulnerability that permits local privilege escalation, enabling unauthorized remote access to the device. An attacker could exploit this weakness to overwrite legitimate programs with malicious ones, potentially disrupting operations or compromising sensitive data. Organizations utilizing affected Toshiba printer models should prioritize updating their systems and reviewing security protocols to mitigate the risk associated with this vulnerability.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:54:05.707Z,0
CVE-2024-27150,https://securityvulnerability.io/vulnerability/CVE-2024-27150,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are subjected to a Local Privilege Escalation vulnerability that could allow unauthorized remote access. This flaw grants attackers the potential to elevate their privileges on the device, enabling them to execute arbitrary code or alter printer configurations. Such vulnerabilities emphasize the critical need for security updates and awareness among users to mitigate risks associated with unauthorized access and data breaches. Affected users should monitor for updates and implement security best practices to safeguard their printing environments.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:52:19.815Z,0
CVE-2024-27149,https://securityvulnerability.io/vulnerability/CVE-2024-27149,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are susceptible to a Local Privilege Escalation vulnerability, enabling unauthorized remote access and potential compromise of device integrity. This vulnerability presents a critical risk for organizations utilizing affected models, allowing attackers to manipulate printer operations and access sensitive information. Affected users should review product documentation and apply necessary security updates to mitigate risks associated with CVE-2024-27149.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:50:28.457Z,0
CVE-2024-27148,https://securityvulnerability.io/vulnerability/CVE-2024-27148,Toshiba Printers Vulnerable to Local Privilege Escalation Attack,"Toshiba printers are exposed to a Local Privilege Escalation vulnerability that allows attackers to gain unauthorized access and potentially control the affected devices remotely. This flaw could enable malicious actors to execute arbitrary commands and manipulations, significantly compromising the device's functionality and security posture. Organizations utilizing Toshiba printers should prioritize applying the necessary patches and updates provided by Toshiba to mitigate the risks associated with this vulnerability.",Toshiba,Toshiba Tec E-studio Multi-function Peripheral (mfp),7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-06-14T02:46:20.549Z,0