CVE-2018-16186
First published: Wed Jan 09 2019(Updated: )
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) uses hard-coded credentials, which may allow an attacker on the same network segments to login to the administrators settings screen and change the configuration.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ricoh D2200 Firmware | >=1.1<=2.2 | |
| Ricoh D2200 Firmware | ||
| Ricoh D5500 Firmware | >=1.1<=2.2 | |
| Ricoh D5500 Firmware | ||
| Ricoh D5510 Firmware | >=1.1<=2.2 | |
| Ricoh D5510 Firmware | ||
| Ricoh D5520 | >=1.1<=2.2 | |
| Ricoh D5520 | >=3.0<=3.1.10137.0 | |
| Ricoh D5520 Firmware | ||
| Ricoh D6500 Firmware | >=1.1<=2.2 | |
| Ricoh D6500 Firmware | ||
| Ricoh D6510 Firmware | >=1.1<=2.2 | |
| Ricoh D6510 Firmware | >=3.0<=3.1.10137.0 | |
| Ricoh D6510 | ||
| Ricoh D7500 | >=1.1<=2.2 | |
| Ricoh D7500 | >=3.0<=3.1.10137.0 | |
| Ricoh D7500 Firmware | ||
| Ricoh D8400 Firmware | >=1.1<=2.2 | |
| Ricoh D8400 Firmware | >=3.0<=3.1.10137.0 | |
| Ricoh D8400 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16186?
The severity of CVE-2018-16186 is high with a CVSS score of 8.8.
Which versions of RICOH Interactive Whiteboard D2200 are affected by CVE-2018-16186?
Versions 1.1 to 2.2 of RICOH Interactive Whiteboard D2200 are affected by CVE-2018-16186.
How can I fix CVE-2018-16186?
To fix CVE-2018-16186, update the firmware of the affected RICOH Interactive Whiteboard models to versions higher than 2.2.
Are all models of RICOH Interactive Whiteboards vulnerable to CVE-2018-16186?
No, not all models of RICOH Interactive Whiteboards are vulnerable to CVE-2018-16186. Only the specific models listed in the vulnerability description are affected.
Where can I find more information about CVE-2018-16186?
You can find more information about CVE-2018-16186 on the official JVN and Ricoh websites. The links are provided in the references section of the vulnerability description.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/author
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ricoh
- canonical/ricoh d2200 firmware
- version/ricoh d2200 firmware/1.1
- version/ricoh d2200 firmware/2.2
- canonical/ricoh d5500 firmware
- version/ricoh d5500 firmware/1.1
- version/ricoh d5500 firmware/2.2
- canonical/ricoh d5510 firmware
- version/ricoh d5510 firmware/1.1
- version/ricoh d5510 firmware/2.2
- canonical/ricoh d5520
- version/ricoh d5520/1.1
- version/ricoh d5520/2.2
- version/ricoh d5520/3.0
- version/ricoh d5520/3.1.10137.0
- canonical/ricoh d5520 firmware
- canonical/ricoh d6500 firmware
- version/ricoh d6500 firmware/1.1
- version/ricoh d6500 firmware/2.2
- canonical/ricoh d6510 firmware
- version/ricoh d6510 firmware/1.1
- version/ricoh d6510 firmware/2.2
- version/ricoh d6510 firmware/3.0
- version/ricoh d6510 firmware/3.1.10137.0
- canonical/ricoh d6510
- canonical/ricoh d7500
- version/ricoh d7500/1.1
- version/ricoh d7500/2.2
- version/ricoh d7500/3.0
- version/ricoh d7500/3.1.10137.0
- canonical/ricoh d7500 firmware
- canonical/ricoh d8400 firmware
- version/ricoh d8400 firmware/1.1
- version/ricoh d8400 firmware/2.2
- version/ricoh d8400 firmware/3.0
- version/ricoh d8400 firmware/3.1.10137.0