Impact
The vulnerability is a reflected cross‑site scripting flaw that allows arbitrary scripts to be executed on the web browser of any user who accesses the Ricoh Web Image Monitor. Identified as CWE‑79, the flaw could enable session hijacking, data theft, or further network compromise.
Affected Systems
Ricoh Company, Ltd. laser printers and multifunction printers that run the Ricoh Web Image Monitor are affected. No specific firmware versions are listed.
Risk and Exploitability
The CVSS score of 5.1 indicates a medium severity risk. No EPSS score is available, and it is not currently catalogued in CISA KEV. The likely attack vector is remote, via HTTP requests to the Web Image Monitor, and an attacker could trigger the flaw by directing a user to a maliciously crafted URL or form submission.
OpenCVE Enrichment