CVE-2022-1026: Kyocera Net View Address Book Exposure

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-1026

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Kyocera Net View Address Book Exposure

Source: NVD (National Vulnerability Database)

Vulnerability Description

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

不充分的凭证保护机制

Source: NVD (National Vulnerability Database)

Vulnerability Title

Kyocera multifunction printers 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Kyocera multifunction printers是日本京瓷（Kyocera）公司的一台打印机。 Kyocera multifunction printers存在安全漏洞，该漏洞源于通过未充分保护的通讯簿导出功能无意中暴露敏感用户信息，包括用户名和密码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Kyocera	Multifunction Printer Net Viewer	2S0_1000.005.0012S5_2000.002.505 ~ 2S0_1000.005.0012S5_2000.002.505	-

II. Public POCs for CVE-2022-1026

#	POC Description	Source Link	Shenlong Link
1	An unauthenticated data extraction vulnerability in Kyocera printers, which allows for recovery of cleartext address book and domain joined passwords	https://github.com/ac3lives/kyocera-cve-2022-1026	POC Details
2	NSE port of CVE-2022-1026 exploit for mass identification and exploitation	https://github.com/flamebarke/nmap-printer-nse-scripts	POC Details
3	Improved Golang Version of Rapid7 PoC for CVE-2022-1026	https://github.com/r0lh/kygocera	POC Details
4	Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-1026.yaml	POC Details
5	An unauthenticated data extraction vulnerability in Kyocera printers, which allows for recovery of cleartext address book and domain joined passwords.	https://github.com/h4po0n/kyocera-cve-2022-1026_SOAP1.1	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-1026

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same weakness: CWE-522

V. Comments for CVE-2022-1026

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-1026

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-1026

III. Intelligence Information for CVE-2022-1026

IV. Related Vulnerabilities

V. Comments for CVE-2022-1026

Leave a comment