|
|
Kyocera FS-3830N Configuration Manipulation and Security Bypass Issues
|
Two vulnerabilities were identified in Kyocera FS-3830N, which could be exploited by attackers to bypass security restrictions and manipulate certain information.
The first flaw is due to an access validation error where the port 9100/TCP is accessible without requiring user authentication, which could be exploited by attackers to disclose or modify the configuration settings.
The second issue is due to a design error where a default blank password is set for the "admin" account, which could be exploited by remote attackers to gain full administrative privileges on a vulnerable printer.
Kyocera FS-3830N
VUPEN Security is not aware of any vendor-supplied patch.
http://www.vupen.com/english/advisories/2006/0620
http://evader.wordpress.com/2006/02/16/kyocera-printers/
Vulnerabilities reported by evader
2006-02-16 : Initial release
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
|
|
Monthly Statistics |
 |
|
|
|
| |
|
Try VUPEN
VNS |
 |
|
 |
|
| |
|
 |
| |
|
|
|
|
