CVE-2024-51980: Unauthenticated Server Side Request Forgery (SSRF) via WS-Addressing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.
An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection, nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2024-51980?
CVE-2024-51980 is classified as a medium severity vulnerability due to its potential for server-side request forgery (SSRF) exploitation.
How do I fix CVE-2024-51980?
To fix CVE-2024-51980, it is recommended to apply available patches from affected vendor websites and implement network-level access controls.
Which devices are affected by CVE-2024-51980?
CVE-2024-51980 affects various devices from vendors including Brother, FUJIFILM, RICOH, and Toshiba Tec.
What type of attack does CVE-2024-51980 enable?
CVE-2024-51980 enables unauthenticated server-side request forgery (SSRF) attacks, which can force the targeted device to make connections to arbitrary IP addresses and ports.
Can CVE-2024-51980 be exploited remotely?
Yes, CVE-2024-51980 can be exploited remotely by unauthenticated attackers targeting vulnerable devices.