We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-47549



Description

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.

Reserved 2024-10-16 | Published 2024-10-25 | Updated 2024-10-25 | Assigner jpcert


HIGH: 7.4CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Problem types

Improper Neutralization of HTTP Headers for Scripting Syntax

Product status

see the information provided by Sharp Corporation
affected

T2.12.h3.00 and earlier versions
affected

T1.01.h4.00 and earlier versions
affected

T1.01.h4.00 and earlier versions
affected

References

jvn.jp/en/vu/JVNVU95063136/

global.sharp/products/copier/info/info_security_2024-10.html

www.toshibatec.com/information/20241025_01.html

cve.org (CVE-2024-47549)

nvd.nist.gov (CVE-2024-47549)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-47549

Support options

Helpdesk Chat, Email, Knowledgebase