CVE-2024-47801

Q: What is the severity of CVE-2024-47801?

CVE-2024-47801 has a CVSS score of 7.4 (HIGH). Sharp and Toshiba Tec multifunction printers (MFPs) have a reflected cross-site scripting vulnerability where specially crafted URLs can execute malicious scripts in users' browsers. This affects organizations using vulnerable Sharp and Toshiba Tec MFP models with web interfaces accessible to users.

7.4 HIGH

Cross-Site Scripting

📋 TL;DR

Sharp and Toshiba Tec multifunction printers (MFPs) have a reflected cross-site scripting vulnerability where specially crafted URLs can execute malicious scripts in users' browsers. This affects organizations using vulnerable Sharp and Toshiba Tec MFP models with web interfaces accessible to users.

💻 Affected Systems

Products:

Sharp MFPs
Toshiba Tec MFPs

Versions: Specific models listed in vendor advisories (check references for exact models)

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects models with web management interfaces. Exact model lists available in vendor advisories.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal session cookies, redirect users to phishing sites, or perform actions on behalf of authenticated users, potentially leading to data theft or unauthorized device access.

🟠

Likely Case

Attackers craft malicious links that, when clicked by users, execute scripts in their browsers to steal session cookies or redirect to phishing pages.

🟢

If Mitigated

With proper network segmentation and user awareness training, impact is limited to isolated incidents affecting individual users rather than system-wide compromise.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Reflected XSS requires user interaction (clicking malicious link) but requires no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates specified in vendor advisories

Vendor Advisory: https://global.sharp/products/copier/info/info_security_2024-10.html

Restart Required: Yes

Instructions:

1. Check vendor advisories for affected models. 2. Download firmware updates from vendor support sites. 3. Apply firmware updates following vendor instructions. 4. Verify update completion.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict access to MFP web interfaces to trusted networks only

Web Application Firewall

all

Deploy WAF with XSS protection rules to block malicious requests

🧯 If You Can't Patch

Isolate MFPs on separate VLAN with restricted access
Implement strict Content Security Policy headers if supported

🔍 How to Verify

Check if Vulnerable:

Check MFP model and firmware version against vendor advisories. Test with safe XSS payloads in query parameters.

Check Version:

Check via MFP web interface: Settings > System > Firmware Version

Verify Fix Applied:

Verify firmware version matches patched version in vendor advisory. Retest with XSS payloads.

📡 Detection & Monitoring

Log Indicators:

Unusual query parameters in HTTP logs
Multiple failed XSS attempts

Network Indicators:

HTTP requests with suspicious script tags in query parameters
Unusual traffic to MFP web interfaces

SIEM Query:

source="mfp_web_logs" AND (url="*<script>*" OR url="*javascript:*")

📊 Metadata

CVE ID: CVE-2024-47801

CVSS v3 Score: 7.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE: CWE-79

Published: October 25, 2024

Last Updated: November 5, 2024

🔗 References

https://global.sharp/products/copier/info/info_security_2024-10.html Vendor Advisory
https://jvn.jp/en/vu/JVNVU95063136/ Third Party Advisory
https://www.toshibatec.com/information/20241025_01.html Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Bp 30c25 Firmware by Sharp

Bp 30c25t Firmware by Sharp

Bp 30c25y Firmware by Sharp

Bp 30c25z Firmware by Sharp

Bp 30m28 Firmware by Sharp

Bp 30m28t Firmware by Sharp

Bp 30m31 Firmware by Sharp

Bp 30m31t Firmware by Sharp

Bp 30m35 Firmware by Sharp

Bp 30m35t Firmware by Sharp

Bp 50c26 Firmware by Sharp

Bp 50c31 Firmware by Sharp

Bp 50c36 Firmware by Sharp

Bp 50c45 Firmware by Sharp

Bp 50c55 Firmware by Sharp

Bp 50c65 Firmware by Sharp

Bp 50m26 Firmware by Sharp

Bp 50m31 Firmware by Sharp

Bp 50m36 Firmware by Sharp

Bp 50m45 Firmware by Sharp

Bp 50m50 Firmware by Sharp

Bp 50m55 Firmware by Sharp

Bp 55c26 Firmware by Sharp

Bp 60c31 Firmware by Sharp

Bp 60c36 Firmware by Sharp

Bp 60c45 Firmware by Sharp

Bp 70c31 Firmware by Sharp

Bp 70c36 Firmware by Sharp

Bp 70c45 Firmware by Sharp

Bp 70c55 Firmware by Sharp

Bp 70c65 Firmware by Sharp

Bp 70m31 Firmware by Sharp

Bp 70m36 Firmware by Sharp

Bp 70m45 Firmware by Sharp

Bp 70m55 Firmware by Sharp

Bp 70m65 Firmware by Sharp

Bp 70m75 Firmware by Sharp

Bp 70m90 Firmware by Sharp

Bp 90c70 Firmware by Sharp

Bp 90c80 Firmware by Sharp

Bp B537wr Firmware by Sharp

Bp B540wr Firmware by Sharp

Bp B547wd Firmware by Sharp

Bp B550wd Firmware by Sharp

Bp C533wd Firmware by Sharp

Bp C533wr Firmware by Sharp

Bp C535wd Firmware by Sharp

Bp C535wr Firmware by Sharp

Bp C542wd Firmware by Sharp

Bp C545wd Firmware by Sharp

Dx 2000u Firmware by Sharp

Dx 2500n Firmware by Sharp

Dx C310 Firmware by Sharp

Dx C311 Firmware by Sharp

Dx C311j Firmware by Sharp

Dx C381 Firmware by Sharp

Dx C400 Firmware by Sharp

Dx C401 Firmware by Sharp

Dx C401 J Firmware by Sharp

E Studio1058 Firmware by Toshibatec

E Studio1208 Firmware by Toshibatec

E Studio908 Firmware by Toshibatec

Mx 1810u Firmware by Sharp

Mx 2010u Firmware by Sharp

Mx 2301n Firmware by Sharp

Mx 2310r Firmware by Sharp

Mx 2310u Firmware by Sharp

Mx 2314n Firmware by Sharp

Mx 2314nr Firmware by Sharp

Mx 2600g Firmware by Sharp

Mx 2600n Firmware by Sharp

Mx 2601n Firmware by Sharp

Mx 2610n Firmware by Sharp

Mx 2614n Firmware by Sharp

Mx 2615 A Firmware by Sharp

Mx 2615n Firmware by Sharp

Mx 2616n Firmware by Sharp