JVN#20474768
Reflected cross-site scripting vulnerability in Ricoh laser printers and MFPs which implement Web Image Monitor
Overview
Ricoh laser printers and MFPs (multifunction printers) which implement Web Image Monitor contain a reflected cross-site scripting vulnerability.
Products Affected
- The specific versions of laser printers and MFPs which implement Web Image Monitor
Description
Web Image Monitor provided by Ricoh Company, Ltd. is an web server included in Ricoh laser printers and MFPs (multifunction printers) and runs on them.
Web Image Monitor contains the vulnerability listed below.
- Reflected cross-site scripting (CWE-79)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1
- CVE-2025-41393
Impact
An arbitrary script may be executed on the web browser of the user who accessed Web Image Monitor.
Solution
Update Web Image Monitor
Update Web Image Monitor to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Ricoh Company, Ltd. | Specific Ricoh MFP and Printer Products - Reflected Cross-Site Scripting Vulnerability via Web Image Monitor (CVE-2025-41393) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Juan Pablo Gomez Postigo of Sprocket Security, Niels Eris of HackDefense, and Vincent Theriault of Precicom Technologies Inc. reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2025-41393 |
| JVN iPedia |
JVNDB-2025-000030 |