Description: Kyocera TASKalfa 4002i and 6002i devices allow remote attackers to read the documents of arbitrary users via a modified HTTP request.
This vulnerability was discovered by Mars Cheng at National Center for Cyber Security Technology (NCCST).
Vulnerable Kyocera Printer Models
- TASKalfa 4002i
- TASKalfa 6002i
Proof of Concept
1. Build document box test (id=0001); the goal is to read the data in box 2640 (id=0013).
2. Log in to box test (id=0001).
3. Use Burp Suite to intercept the request and modify the parameters "arg5", "arg10" and "arg30".
4. Obtain the document and the document list from box 2640 (id=0013).
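As an added example (not from the advisory and not Kyocera's code), the server-side rule that closes this hole, every box id in a request must match the box the session authenticated to, together with a log check that applies the same rule after the fact. The log format, the /box/ paths and the assumption that arg5, arg10 and arg30 carry four-digit box ids are all hypothetical.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Parameters the advisory names as the ones modified in the PoC.
BOX_ARGS = ("arg5", "arg10", "arg30")

# Constructed sample log (hypothetical format): one login per session,
# then document-box requests carrying box ids in the arg parameters.
SAMPLE_LOG = """\
sess=A1 POST /box/login box_id=0001
sess=A1 GET /box/list?arg5=0001&arg10=0001&arg30=0001
sess=A1 GET /box/list?arg5=0013&arg10=0013&arg30=0013
sess=B2 POST /box/login box_id=0013
sess=B2 GET /box/doc?arg5=0013&arg10=0013&arg30=0013
sess=C3 GET /box/doc?arg5=0001&arg10=0001&arg30=0001
"""

LOGIN_RE = re.compile(r"^sess=(\S+) POST /box/login box_id=(\d{4})$")
REQ_RE = re.compile(r"^sess=(\S+) GET (\S+)$")

def requested_boxes(url):
    """Collect every box id carried by the arg parameters of a request URL."""
    params = parse_qs(urlsplit(url).query)
    return {v for arg in BOX_ARGS for v in params.get(arg, [])}

def is_authorized(session_box, url):
    """Rule the device should enforce: every box id in the request must be
    the box this session authenticated to. An unauthenticated session
    (session_box is None) is never authorized."""
    return session_box is not None and requested_boxes(url) <= {session_box}

def find_cross_box_access(log_text):
    """Scan a log and return (session, requested box ids, authenticated box)
    for each request the rule above would have rejected."""
    authenticated = {}  # session id -> box id it logged in to
    findings = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if m:
            authenticated[m.group(1)] = m.group(2)
            continue
        m = REQ_RE.match(line)
        if m and not is_authorized(authenticated.get(m.group(1)), m.group(2)):
            findings.append((m.group(1), sorted(requested_boxes(m.group(2))),
                             authenticated.get(m.group(1))))
    return findings
```

Running `find_cross_box_access(SAMPLE_LOG)` flags the A1 request for box 0013 after a login to box 0001, and the C3 request issued without any login.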
Timeline
- August 27, 2018 Reported to Kyocera Taiwan
- August 30, 2018 Kyocera replied with a solution
- January 31, 2019 published by NCCST
Reference
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16656