D Color Mf3555 Firmware
CVE-2022-25343
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Denial of Service. An unauthenticated attacker, who can send POST requests to the /download/set.cgi page by manipulating the failhtmfile variable, is able to cause interruption of the service provided by the Web Application.
AnalysisAI
An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
An issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application is affected by Denial of Service. An unauthenticated attacker, who can send POST requests to the /download/set.cgi page by manipulating the failhtmfile variable, is able to cause interruption of the service provided by the Web Application. Affected products include: Olivetti D-Color Mf3555 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in D Color Mf3555 Firmware
View allAn issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. Rated high severity (CVSS 8.1), this vulner
An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. Rated medium severity (CVSS 6.1), this
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today