Pre-authenticated Remote Code Execution

Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point. https://www.toshibatec.com/contacts/products/ As for the affected products/models/versions, see the reference URL.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

带着不必要的权限执行

Toshiba e-STUDIO 安全漏洞

Toshiba e-STUDIO是日本东芝（Toshiba）公司的一系列高端办公多功能打印机。 Toshiba e-STUDIO 存在安全漏洞，该漏洞源于某些程序以 root 权限运行，如果通过某种手段劫持这些程序，则可以在多功能设备上执行任意代码。

N/A

N/A