EIP-2026-101947

PRE-CVE

RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101947. PoCs published by Paulina Girón.

AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in the RICOH Aficio SP 5200S printer's web interface. It involves sending crafted HTTP POST requests to 'adrsGetUser.cgi' and 'adrsSetUser.cgi' with manipulated 'entryNameIn' parameters to inject HTML content.

Description

RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection

Exploits (1)

exploitdb WORKING POC

by Paulina Girón · textwebappshardware

https://www.exploit-db.com/exploits/48161

View Code ZIP pw:eip

This exploit demonstrates an HTML injection vulnerability in the RICOH Aficio SP 5200S printer's web interface. It involves sending crafted HTTP POST requests to 'adrsGetUser.cgi' and 'adrsSetUser.cgi' with manipulated 'entryNameIn' parameters to inject HTML content.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: RICOH Aficio SP 5200S Printer

Auth required

Prerequisites: Network access to the printer's web interface · Valid session cookies (risessionid, wimsesid)

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026