Sharp: Security Vulnerabilities
Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Verisons allows a attacker may access to the web interface of the affected product without authentication and change settings or perform other operations, and deliver content from the authoring software to the affected product without authentication.
CVSS Score
9.2
EPSS Score
0.001
Published
2025-12-22
Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware.
CVSS Score
9.5
EPSS Score
0.0
Published
2025-12-22
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-12-22
Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.
CVSS Score
9.2
EPSS Score
0.001
Published
2025-12-22
Path Traversal vulnerability in Sharp Display Solutions projectors allows a attacker may access and read any files within the projector.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-12-22
Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted.
A non-administrative user may execute some configuration APIs.
CVSS Score
8.1
EPSS Score
0.004
Published
2024-10-25
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
CVSS Score
9.1
EPSS Score
0.003
Published
2024-10-25
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers.
Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.
CVSS Score
7.4
EPSS Score
0.005
Published
2024-10-25
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability.
Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser.
CVSS Score
7.4
EPSS Score
0.009
Published
2024-10-25
Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability.
If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users.
CVSS Score
6.2
EPSS Score
0.004
Published
2024-10-25
Page 1