CVE-2014-1990
TOSHIBA TEC e-Studio 232, 233, 282, and 283 - Cross-Site Request Forgery in TopAccess
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-1990. PoCs published by Hubert Gradek.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in TOSHIBA e-Studio printers, allowing an attacker to change the admin password without authentication by tricking an authenticated user into visiting a malicious webpage.
Description
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.
Exploits (1)
This exploit demonstrates a CSRF vulnerability in TOSHIBA e-Studio printers, allowing an attacker to change the admin password without authentication by tricking an authenticated user into visiting a malicious webpage.