CVE-2018-16185

Published: Jan 9, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute a malicious program.

Affected (12)

Products: Ricoh: D2200 Firmware, D5500 Firmware, D5510 Firmware, D5520 Firmware, D6500 Firmware, D6510 Firmware, D7500 Firmware, D8400 Firmware

8 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D2200 Firmware	From 1.1 to 2.2

Running on/with	Platform Versions
Ricoh D2200	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D5500 Firmware	From 1.1 to 2.2

Running on/with	Platform Versions
Ricoh D5500	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D5510 Firmware	From 1.1 to 2.2

Running on/with	Platform Versions
Ricoh D5510	All versions

Configuration D

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D5520 Firmware	From 1.1 to 2.2
Ricoh D5520 Firmware	From 3.0 to 3.1.10137.0

Running on/with	Platform Versions
Ricoh D5520	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D6500 Firmware	From 1.1 to 2.2

Running on/with	Platform Versions
Ricoh D6500	All versions

Configuration F

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D6510 Firmware	From 1.1 to 2.2
Ricoh D6510 Firmware	From 3.0 to 3.1.10137.0

Running on/with	Platform Versions
Ricoh D6510	All versions

Configuration G

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D7500 Firmware	From 1.1 to 2.2
Ricoh D7500 Firmware	From 3.0 to 3.1.10137.0

Running on/with	Platform Versions
Ricoh D7500	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh D8400 Firmware	From 1.1 to 2.2
Ricoh D8400 Firmware	From 3.0 to 3.1.10137.0

Running on/with	Platform Versions
Ricoh D8400	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://jvn.jp/en/jp/JVN55263945/index.html

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.ricoh.com/info/2018/1127_1.html

Source: vultures@jpcert.or.jp

Vendor Advisory

https://jvn.jp/en/jp/JVN55263945/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.ricoh.com/info/2018/1127_1.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.