CVE-2024-33605
published 2024-11-26

Priority: P3 57
Severity: high, 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 6.23% (92.7th percentile)

Improper processing of some parameters of installed_emanual_list.html leads to a path traversal vulnerability. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Affected

2 ranges

| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| sharp_corporation | multiple_mfps | | |
| toshiba_tec_corporation | multiple_mfps | | |

Detection & IOCs (extracted from sources)

url: /installed_emanual_list.html
cookie: Set-Cookie: MFPSESSIONID=
other: ServiceEmanualList
path: /installed_emanual_down.html

  • Unauthenticated GET request to /installed_emanual_list.html; response body contains both 'ServiceEmanualList' and '/installed_emanual_down.html', response header contains 'Set-Cookie: MFPSESSIONID=', and HTTP status is 200 — confirms vulnerable Sharp MFP directory listing endpoint.
  • Shodan fingerprinting for exposed Sharp MFP devices can be performed using the query 'Set-Cookie: MFPSESSIONID=' to identify internet-facing targets.
  • The vulnerability is triggered via improper parameter processing in installed_emanual_list.html, enabling path traversal / arbitrary directory listing without authentication on Sharp multifunction printers.
  • Affected product scope is broad; specific model numbers and firmware versions must be confirmed via vendor advisories rather than a single CPE entry.