CVE-2023-34259

MEDIUM NUCLEI

Kyocera D-copia253mf Plus Firmware < 2vg_s000.002.561 - Path Traversal

Title source: rule

Description

Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.

Nuclei Templates (1)

Kyocera TASKalfa printer - Path Traversal

MEDIUMVERIFIEDby gy741

Shodan: http.favicon.hash:-50306417

FOFA: icon_hash=-50306417

References (2)

[Third Party Advisory] https://sec-consult.com/vulnerability-lab/

[Exploit, Mailing List, Third Party Advisory] https://seclists.org/fulldisclosure/2023/Jul/15

Scores

CVSS v3 4.9

EPSS 0.9308

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

kyocera/d-copia253mf_plus_firmware < 2vg_s000.002.561

Published Nov 03, 2023

Tracked Since Feb 18, 2026