What is the severity of CVE-2018-18006?

CVE-2018-18006 has a severity rating of 9.8, indicating a critical vulnerability.

What is the affected software?

The affected software is Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android.

How does CVE-2018-18006 give access to sensitive information?

CVE-2018-18006 exposes hardcoded credentials in the Ricoh myPrint application, allowing unauthorized access to API secrets, encrypted passwords of mail servers, and names of printed files.

Are there any public references for CVE-2018-18006?

Yes, you can find more information about CVE-2018-18006 at the following references: [Packet Storm Security](http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html) and [Full Disclosure](http://seclists.org/fulldisclosure/2018/Nov/46).

Vulnerability/
CVE-2018-18006

critical

9.8

CWE

798

14/12/2018

5/8/2024

CVE-2018-18006

First published: Fri Dec 14 2018(Updated: )

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Ricoh MyPrint	=2.2.7
Ricoh MyPrint	=2.9.2.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-18006?
CVE-2018-18006 refers to the vulnerability in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android, which allows unauthorized access to sensitive information.
What is the severity of CVE-2018-18006?
CVE-2018-18006 has a severity rating of 9.8, indicating a critical vulnerability.
What is the affected software?
The affected software is Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android.
How does CVE-2018-18006 give access to sensitive information?
CVE-2018-18006 exposes hardcoded credentials in the Ricoh myPrint application, allowing unauthorized access to API secrets, encrypted passwords of mail servers, and names of printed files.
Are there any public references for CVE-2018-18006?
Yes, you can find more information about CVE-2018-18006 at the following references: [Packet Storm Security](http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html) and [Full Disclosure](http://seclists.org/fulldisclosure/2018/Nov/46).

agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/last-modified-date
agent/severity
agent/type
agent/event
agent/first-publish-date
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ricoh
canonical/ricoh myprint
version/ricoh myprint/2.2.7
version/ricoh myprint/2.9.2.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.