PT-2019-9251 · Ricoh · Ricoh Interactive Whiteboard D5520+9

Publicado

2019-01-09

·

Atualizado

2019-02-04

·

CVE-2018-16185

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions RICOH Interactive Whiteboard D2200 versions 1.1 through 2.2 RICOH Interactive Whiteboard D5500 versions 1.1 through 2.2 RICOH Interactive Whiteboard D5510 versions 1.1 through 2.2 RICOH Interactive Whiteboard D5520 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2 RICOH Interactive Whiteboard D5520 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0 RICOH Interactive Whiteboard D6500 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2 RICOH Interactive Whiteboard D6510 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2 RICOH Interactive Whiteboard D6510 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0 RICOH Interactive Whiteboard D7500 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2 RICOH Interactive Whiteboard D7500 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0 RICOH Interactive Whiteboard D8400 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2 RICOH Interactive Whiteboard D8400 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0
Description The issue allows remote attackers to execute a malicious program.
Recommendations For RICOH Interactive Whiteboard D2200 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D5500 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D5510 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D5520 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D5520 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0, update to a version outside of this range. For RICOH Interactive Whiteboard D6500 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D6510 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D6510 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0, update to a version outside of this range. For RICOH Interactive Whiteboard D7500 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D7500 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0, update to a version outside of this range. For RICOH Interactive Whiteboard D8400 with RICOH Interactive Whiteboard Controller Type1 versions 1.1 through 2.2, update to a version outside of this range. For RICOH Interactive Whiteboard D8400 with RICOH Interactive Whiteboard Controller Type2 versions 3.0 through 3.1.10137.0, update to a version outside of this range.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-16185

Produtos afetados

Ricoh Interactive Whiteboard Controller Type1
Ricoh Interactive Whiteboard Controller Type2
Ricoh Interactive Whiteboard D2200
Ricoh Interactive Whiteboard D5500
Ricoh Interactive Whiteboard D5510
Ricoh Interactive Whiteboard D5520
Ricoh Interactive Whiteboard D6500
Ricoh Interactive Whiteboard D6510
Ricoh Interactive Whiteboard D7500
Ricoh Interactive Whiteboard D8400