Description
Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.
Published: 2026-06-30
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a reflected cross‑site scripting flaw that allows arbitrary scripts to be executed on the web browser of any user who accesses the Ricoh Web Image Monitor. Identified as CWE‑79, the flaw could enable session hijacking, data theft, or further network compromise.

Affected Systems

Ricoh Company, Ltd. laser printers and multifunction printers that run the Ricoh Web Image Monitor are affected. No specific firmware versions are listed.

Risk and Exploitability

The CVSS score of 5.1 indicates a medium severity risk. No EPSS score is available, and it is not currently catalogued in CISA KEV. The likely attack vector is remote, via HTTP requests to the Web Image Monitor, and an attacker could trigger the flaw by directing a user to a maliciously crafted URL or form submission.

Generated by OpenCVE AI on June 30, 2026 at 08:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Ricoh firmware or update that patches the Web Image Monitor XSS flaw.
  • Restrict network access to the Web Image Monitor so that only trusted internal hosts can reach it.
  • Implement input sanitization and output encoding on any user‑provided data rendered by the Web Image Monitor, or disable features that allow arbitrary content until a patch is available.

Generated by OpenCVE AI on June 30, 2026 at 08:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Ricoh
Ricoh multiple Laser Printers And Mfps Which Implement Web Image Monitor
Vendors & Products Ricoh
Ricoh multiple Laser Printers And Mfps Which Implement Web Image Monitor

Tue, 30 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Title Reflected XSS in Ricoh Web Image Monitor on Laser Printers and MFPs

Tue, 30 Jun 2026 07:15:00 +0000

Type Values Removed Values Added
Description Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.
Weaknesses CWE-79
References
Metrics cvssV3_0

{'score': 6.1, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


Subscriptions

Ricoh Multiple Laser Printers And Mfps Which Implement Web Image Monitor
cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-06-30T12:52:37.220Z

Reserved: 2026-06-23T06:40:45.379Z

Link: CVE-2026-56809

cve-icon Vulnrichment

Updated: 2026-06-30T12:52:33.727Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T09:45:03Z

Weaknesses
  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')