• G&G May 25 Masthead Web Ad

Toshiba warns of vulnerability in MFPs

Mar 6, 2024 | 0 comments

The company published a response to a vulnerability in the “Web Browser Configuration” function installed in some Toshiba Tec’s digital multi-function peripherals.

A vulnerability has been identified in the “Web Browser Configuration” function of some of Toshiba’s multi-function peripherals. The company confirmed that this issue does not result in the leakage of information from the product to outside parties.

Targeted products are e-STUDIO 301DN/ 302DNF devices. These products have been sold only in the Chinese market.

One of the vulnerabilities is CVE-2024-21824, a ‘Session Management Vulnerability’ whereby an attacker could log into the server setting screen using the cookie values that they stole by eavesdropping communications or attacking the user’s web browser.

Also identified was CVE-2024-22475, a ‘Cross-site Request Forgery Vulnerability’, which means if the user accesses a web page that an attacker set up and submits requests to the machine, the settings of the Web Based Management could be tampered with.

Toshiba is recommending firmware updates and offers the workaround that when connecting to the Internet, connect to a network protected through a firewall as described in the manual.

Search The Recycler

Related Posts

  • Keypoint July Web Banner
  • Cartridge Web July 2025
  • IR Italiana May 25 web Ad
  • Biuromax June 2025 web ad
  • INK TANK July Web Banner
  • GM Technology July Web Banner
  • CET May 25 Web Ad
  • Mito Web ad July 2025
  • Integral web ad June 2025 v2
  • Mito Web ad July 2025
  • Integral web ad June 2025 v2
  • GM Technology July Web Banner
  • CET May 25 Web Ad
  • Mito Web ad July 2025
  • CET May 25 Web Ad
  • Integral web ad June 2025 v2
  • GM Technology July Web Banner