Product:

Sp_c252dn_firmware

(Ricoh)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 13
Date Id Summary Products Score Patch Annotated
2020-01-10 CVE-2019-14304 Ricoh SP C250DN 1.06 devices allow CSRF. M_2700_firmware, M_2701_firmware, M_c250fw_firmware, M_c250fwb_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, P_c300w_firmware, P_c301w_firmware, Sp277nwx_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware 8.8
2020-01-10 CVE-2019-14306 Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2). M_2700_firmware, M_2701_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, Sp277nwx_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware 7.5
2020-03-13 CVE-2019-14310 Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware N/A
2020-03-13 CVE-2019-14309 Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders. Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware N/A
2020-03-13 CVE-2019-14303 Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that lead to a denial of service vulnerability. Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware N/A
2020-03-13 CVE-2019-14299 Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force. Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware N/A
2019-08-26 CVE-2019-14308 Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is... Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware 9.8
2019-08-26 CVE-2019-14307 Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration... Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware 9.8
2019-08-26 CVE-2019-14305 Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*,... Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware 9.8
2019-08-26 CVE-2019-14300 Several Ricoh printers have multiple buffer overflows parsing HTTP cookie headers, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is... Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware 9.8