Sp_c252sf_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Sp_c252sf_firmware
(Ricoh)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	13

Date	Id	Summary	Products	Score	Patch	Annotated
2022-02-15	CVE-2021-33945	RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.	Aficio_sp_3500sf_firmware, M_2700_firmware, M_2701_firmware, M_320_firmware, M_320f_firmware, M_320fb_firmware, M_c2000_firmware, M_c250fw_firmware, M_c250fwb_firmware, P_310_firmware, P_311_firmware, P_c300w_firmware, P_c301w_firmware, Sp_212nw_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277nwx_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_310dnw_firmware, Sp_310sfnw_firmware, Sp_311dnw_firmware, Sp_311sfnw_firmware, Sp_312dnw_firmware, Sp_312sfnw_firmware, Sp_320dn_firmware, Sp_320sfn_firmware, Sp_320sn_firmware, Sp_325dnw_firmware, Sp_325sfnw_firmware, Sp_325snw_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_377dnwx_firmware, Sp_377sfnwx_firmware, Sp_377snwx_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware	9.8
2020-01-10	CVE-2019-14301	Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2).	M_2700_firmware, M_2701_firmware, M_c250fw_firmware, M_c250fwb_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, P_c300w_firmware, P_c301w_firmware, Sp277nwx_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware	7.5
2020-01-10	CVE-2019-14302	On Ricoh SP C250DN 1.06 devices, a debug port can be used.	M_2700_firmware, M_2701_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, Sp277nwx_firmware, Sp_210_\(China\)_firmware, Sp_210_firmware, Sp_210_q_\(China\)_firmware, Sp_210e_\(China\)_firmware, Sp_210sf_\(China\)_firmware, Sp_210sf_firmware, Sp_210sf_q_\(China\)_firmware, Sp_210su_\(China\)_firmware, Sp_210su_firmware, Sp_210su_q_\(China\)_firmware, Sp_211_firmware, Sp_211sf_firmware, Sp_211su_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware	6.8
2020-01-10	CVE-2019-14304	Ricoh SP C250DN 1.06 devices allow CSRF.	M_2700_firmware, M_2701_firmware, M_c250fw_firmware, M_c250fwb_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, P_c300w_firmware, P_c301w_firmware, Sp277nwx_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware	8.8
2020-01-10	CVE-2019-14306	Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).	M_2700_firmware, M_2701_firmware, Mp_2014_firmware, Mp_2014ad_firmware, Mp_2014d_firmware, Sp277nwx_firmware, Sp_212nw_firmware, Sp_212sfnw_\(China\)_firmware, Sp_212sfnw_firmware, Sp_212sfw_firmware, Sp_212snw_firmware, Sp_212suw_firmware, Sp_212w_firmware, Sp_213nw_\(Taiwan\)_firmware, Sp_213nw_firmware, Sp_213sfnw_\(Taiwan\)_firmware, Sp_213sfnw_firmware, Sp_213sfw_firmware, Sp_213snw_\(Taiwan\)_firmware, Sp_213snw_firmware, Sp_213suw_firmware, Sp_213w_firmware, Sp_220nw_firmware, Sp_220sfnw_firmware, Sp_220snw_firmware, Sp_221_firmware, Sp_221nw_firmware, Sp_221s_firmware, Sp_221sf_firmware, Sp_221sfnw_firmware, Sp_221snw_firmware, Sp_277sfnwx_firmware, Sp_277snwx_firmware, Sp_330dn_firmware, Sp_330sfn_firmware, Sp_330sn_firmware, Sp_3710dn_firmware, Sp_3710sf_firmware, Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware, Sp_c260dnw_firmware, Sp_c260sfnw_firmware, Sp_c261dnw_firmware, Sp_c261sfnw_firmware, Sp_c262dnw_firmware, Sp_c262sfnw_firmware	7.5
2020-03-13	CVE-2019-14310	Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way of how the embedded device parsed the IPP packets	Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware	N/A
2020-03-13	CVE-2019-14309	Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credential were found to be hardcoded within the printer firmware. This would allow to an attacker to access and read information stored on the shared FTP folders.	Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware	N/A
2020-03-13	CVE-2019-14303	Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that lead to a denial of service vulnerability.	Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware	N/A
2020-03-13	CVE-2019-14299	Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force.	Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware	N/A
2019-08-26	CVE-2019-14308	Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:::::::* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:::::::, cpe:2.3:o:ricoh:sp_c252dn:-:::::::. Another affected configuration is...	Sp_c250dn_firmware, Sp_c250sf_firmware, Sp_c252dn_firmware, Sp_c252sf_firmware	9.8