54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
id: CVE-2024-33610
|
|
|
|
info:
|
|
name: Sharp Multifunction Printers - Cookie Exposure
|
|
author: gy741
|
|
severity: medium
|
|
description: It was observed that Sharp printers are vulnerable to a listing of session cookies without authentication. Any attacker can list valid cookies by visiting a backdoor webpage and use them to authenticate to the printers.
|
|
impact: |
|
|
The exposure of cookies can lead to session hijacking, unauthorized access, and potential data breaches.
|
|
remediation: |
|
|
Apply all relevant security patches and product upgrades.
|
|
reference:
|
|
- https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-cookies
|
|
- https://jvn.jp/en/vu/JVNVU93051062/index.html
|
|
- https://global.sharp/products/copier/info/info_security_2024-05.html
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
|
cvss-score: 9.1
|
|
cve-id: CVE-2024-33610
|
|
cwe-id: CWE-284
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: "Set-Cookie: MFPSESSIONID="
|
|
tags: cve,cve2024,sharp,printer,exposure
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/sessionlist.html"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- 'No.'
|
|
- 'User'
|
|
- 'From'
|
|
- 'Last login'
|
|
- 'Last access'
|
|
- 'Language ID'
|
|
- 'Cookie'
|
|
condition: and
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "Set-Cookie: MFPSESSIONID="
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 490a00463044022054e436e2ce49cfac1372996890038e5fb576f1f70ceef221a56e52b6cece19e9022035318cfd8350c6722f20e81d4231c4e12fc915b6d2cc272a27be9f7baec7e6e2:922c64590222798bb761d5b6d8e72950 |