JVN#48718197
Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Overview
Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability.
Products Affected
- Specific products and versions which implement Web Image Monitor
Description
Web Image Monitor provided by Ricoh Company, Ltd. is a web server that is included in and runs on laser printers and MFPs (multifunction printers).
Web Image Monitor contains the vulnerability listed below.
- Reflected cross-site scripting (CWE-79)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1
- CVE-2026-56809
Impact
An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.
Solution
Update Web Image Monitor
Update Web Image Monitor to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Ricoh Company, Ltd. | Specific Ricoh MFP and Printer Products: Reflected Cross-Site Scripting (XSS) Vulnerability in Web Image Monitor |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Tomasz Holeksa of Pentest Limited reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-56809 |
| JVN iPedia |
JVNDB-2026-000092 |