Kyocera TASKalfa 4002i and 6002i exist unauthenticated access vulnerability

Posted by Mars Cheng on January 31, 2019

Description:Kyocera TASKalfa 4002i and 6002i devices allow remote attackers to read the documents of arbitrary users via a modified HTTP request.

This vulnerability was discovered by Mars Cheng at National Center for Cyber Security Technology (NCCST)

Vulnerility Model of Kyocera Printer

  • TASKalfa 4002i
  • TASKalfa 6002i

Proof of Concept

1.Build documennt box test(id=0001), and we want to get data in box 2640(id=0013)

2. login box test(id=0001)

3. Use Burp Suite interrupt packet, and modify parameter 「arg5」、「arg10」and「arg30」

4. Get document and document list in box 2640(id=0013)


  • Augest 27, 2018 Reported to Kyocera Taiwan
  • Augest 30, 2018 Replied Solution
  • January 31, 2019 published by NCCST