CVE-2019-14305

Name of the Vulnerable Software and Affected Versions Ricoh SP C250DN firmware versions up to 1.06 Ricoh SP C250SF firmware versions up to 1.12

Description The issue affects several Ricoh printer models, where multiple buffer overflows occur when parsing HTTP parameter settings for various protocols, including Wi-Fi, mDNS, POP3, SMTP, and notification alerts. This allows an attacker to cause a denial of service or achieve code execution by sending crafted requests to the web server.

Recommendations For Ricoh SP C250DN firmware versions up to 1.06, update the firmware to a version later than 1.06. For Ricoh SP C250SF firmware versions up to 1.12, update the firmware to a version later than 1.12. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.