EUVD-2026-26314
URL Redirection to Untrusted Site (Open Redirect) (CWE-601)
2026-04-30
jpcert
5.1
CVSS 4.0
Share
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X
Lifecycle Timeline
5
CVSS changed
Apr 30, 2026 - 07:22 NVD
6.1 (MEDIUM)
5.1 (MEDIUM)
Analysis Generated
Apr 30, 2026 - 06:48 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26314
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 06:08 nvd
MEDIUM 5.1
DescriptionNVD
Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack.
AnalysisAI
Open redirect vulnerability in Ricoh Web Image Monitor affects multiple laser printers and multifunction printers, allowing unauthenticated remote attackers to redirect users to arbitrary websites via specially crafted URLs. Successful exploitation enables phishing attacks by deceiving users into visiting malicious sites while appearing to originate from trusted printer interfaces. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).