CVE-2024-45829 | THREATINT

Description

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

PUBLISHED Reserved 2024-10-16 | Published 2024-10-25 | Updated 2024-10-25 | Assigner jpcert

MEDIUM: 4.9CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Problem types

Out-of-bounds read

Product status

see the information provided by Sharp Corporation

affected

T2.12.h3.00 and earlier versions

affected

T1.01.h4.00 and earlier versions

affected

T1.01.h4.00 and earlier versions

affected

References

jvn.jp/en/vu/JVNVU95063136/

global.sharp/products/copier/info/info_security_2024-10.html

www.toshibatec.com/information/20241025_01.html

cve.org (CVE-2024-45829)

nvd.nist.gov (CVE-2024-45829)

Download JSON