Published:2025/05/12  Last Updated:2025/07/14

JVN#20474768
Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview

Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability.

Products Affected

  • Specific products and versions which implement Web Image Monitor
As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed below. 

Description

Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs (multifunction printers).
Web Image Monitor contains the vulnerability listed below.

  • Reflected cross-site scripting (CWE-79)
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1
    • CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1
    • CVE-2025-41393

Impact

An arbitrary script may be executed on the web browser of the user who accessed Web Image Monitor.

Solution

Update Web Image Monitor
Update Web Image Monitor to the latest version according to the information provided by the respective vendors.

Vendor Status

Vendor Status Last Update Vendor Notes
KONICA MINOLTA JAPAN, INC. Vulnerable 2025/07/14 KONICA MINOLTA JAPAN, INC. website
Vendor Link
Ricoh Company, Ltd. Specific Ricoh MFP and Printer Products - Reflected Cross-Site Scripting Vulnerability via Web Image Monitor (CVE-2025-41393)

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Juan Pablo Gomez Postigo of Sprocket Security, Niels Eris of HackDefense, and Vincent Theriault of Precicom Technologies Inc. reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2025-41393
JVN iPedia JVNDB-2025-000030

Update History

2025/07/14
Information under the section [Title], [Overview], [Products Affected], [Description] and [Solution] was updated
2025/07/14
KONICA MINOLTA JAPAN, INC. update status