CVE-2023-34259
Published 2023-11-03
Priority P3 · 51 · medium · 4.9 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 57.68% (99.0th percentile)
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kyocera | d-copia253mf_plus_firmware | <= 2vg_s000.002.561 | — |
Detection & IOCs (extracted from sources)
- path: /wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm
- other: shodan:http.favicon.hash:-50306417
- other: fofa:icon_hash=-50306417
- HTTP response body should match the regex 'root:.*:0:0' (i.e., /etc/passwd content) to confirm successful exploitation.
- HTTP response Server header must contain 'KM-MFP' to identify a vulnerable Kyocera MFP device.
- Exploit request returns HTTP 200 status on successful path traversal.
- The traversal payload uses URL double-encoding (%2f for '/', %2e%2e for '..') combined with a null byte (%00) to bypass path restrictions and reach /etc/passwd.
- Use Shodan query 'http.favicon.hash:-50306417' or FOFA query 'icon_hash=-50306417' to identify internet-exposed Kyocera MFP devices potentially affected by this CVE.
- This vulnerability is an incomplete fix for a prior CVE; devices patched for CVE-2020-23575 may still be vulnerable if not updated beyond firmware 2VG_S000.002.561.
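A defender-side log check, added here and not part of the advisory or the Nuclei template: it percent-decodes each request target until it stops changing (so double-encoded `%252e%252e` collapses to `..`), then flags the dot-dot, null-byte and /wlmdeu traits listed above, treating a 200 status as the "succeeded" signal. The access-log format, field names and sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not real traffic). Lines 1 and 3 carry the
# /wlmdeu traversal pattern; line 3 is double-encoded, line 1 adds the null byte.
SAMPLE_LOG = """\
10.0.0.5 - - [03/Nov/2023:10:00:01 +0000] "GET /wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm HTTP/1.1" 200 1842
10.0.0.6 - - [03/Nov/2023:10:00:02 +0000] "GET /wlmdeu/index.htm HTTP/1.1" 200 512
10.0.0.7 - - [03/Nov/2023:10:00:03 +0000] "GET /wlmdeu%252f%252e%252e%252fetc/passwd HTTP/1.1" 200 1842
10.0.0.8 - - [03/Nov/2023:10:00:04 +0000] "GET /status/ HTTP/1.1" 404 120
"""

# Assumed common-log-style line: src, ident, user, [time], "METHOD target HTTP/x", status, bytes
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def decode_fully(target, max_rounds=3):
    """Percent-decode until stable, bounded, so %252e (double-encoded) becomes '.'."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def traversal_reasons(target):
    """Reasons a request target matches the /wlmdeu traversal pattern; [] if clean."""
    decoded = decode_fully(target)
    path = decoded.split("?", 1)[0]
    reasons = []
    if re.search(r"(^|/)\.\.(/|$)", path):
        reasons.append("dot-dot segment after decoding")
    if "\x00" in path:
        reasons.append("null byte in path")
    if reasons and decoded != target:
        reasons.append("traversal was percent-encoded")
    if reasons and path.lower().startswith("/wlmdeu"):
        reasons.append("targets /wlmdeu endpoint")
    return reasons

def scan_log(text):
    """One finding per suspicious line; 'succeeded' mirrors the HTTP 200 indicator above."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        reasons = traversal_reasons(m["target"])
        if reasons:
            findings.append({"src": m["src"], "status": int(m["status"]),
                             "succeeded": m["status"] == "200", "reasons": reasons})
    return findings
```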
No detection rules found.
Nuclei
CVE-2023-34259 [MEDIUM] Kyocera TASKalfa printer - Path Traversal (nuclei · CVSS 4.9)
CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.
Template:
```yaml
id: CVE-2023-34259
info:
  name: Kyocera TASKalfa printer - Path Traversal
  author: gy741
  severity: medium
  description: |
    CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.
  impact: |
    Unauthenticated attackers can manipulate file path values to access sensitive file system resources including source code and critical system confi
```
No writeups or analysis indexed.