Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Pre-authenticated XXE injection
Vulnerability Description
Toshiba printers use XML communication for the API endpoint provided by the printer. For the endpoint, XML parsing library is used and it is vulnerable to a time-based blind XML External Entity (XXE) vulnerability. An attacker can DoS the printers. An attacker can exploit the XXE to retrieve information. As for the affected products/models/versions, see the reference URL.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
DTD中递归实体索引的不恰当限制(XML实体扩展)
Vulnerability Title
Toshiba e-STUDIO 安全漏洞
Vulnerability Description
Toshiba e-STUDIO是日本东芝(Toshiba)公司的一系列高端办公多功能打印机。 Toshiba e-STUDIO 存在安全漏洞,该漏洞源于某些 API(应用程序编程接口)可能未经身份验证就向多功能设备发送 HTTP 请求,从而导致设备停止运行(DoS)。
CVSS Information
N/A
Vulnerability Type
N/A