Home

Description

Admin authentication can be bypassed with some specific invalid credentials, which allows logging in with an administrative privilege. Sharp Corporation states the telnet feature is implemented on older models only, and is planning to provide the firmware update to remove the feature. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

PUBLISHED Reserved 2024-05-22 | Published 2024-11-26 | Updated 2025-11-04 | Assigner jpcert




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

Authentication bypass

Product status

See the information provided by Sharp Corporation listed under [References]
affected

See the information provided by Toshiba Tec Corporation listed under [References]
affected

References

seclists.org/fulldisclosure/2024/Jul/0

global.sharp/products/copier/info/info_security_2024-05.html

jp.sharp/...ess/print/information/info_security_2024-05.html

www.toshibatec.com/information/20240531_02.html

www.toshibatec.co.jp/information/20240531_02.html

jvn.jp/en/vu/JVNVU93051062/

pierrekim.github.io/...-27-sharp-mfp-17-vulnerabilities.html

cve.org (CVE-2024-33616)

nvd.nist.gov (CVE-2024-33616)

Download JSON