JVN#65118274
Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor
Overview
Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain an open redirect vulnerability.
Products Affected
- Specific products and versions which implement Web Image Monitor
Description
Web Image Monitor provided by Ricoh Company, Ltd. is a web server that is included in and runs on laser printers and MFPs (multifunction printers).
Web Image Monitor contains the vulnerability listed below.
- Open redirect (CWE-601)
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N Base Score 5.1
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Base Score 4.7
- CVE-2026-41226
Impact
When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack.
Solution
Update Web Image Monitor
Update Web Image Monitor to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Ricoh Company, Ltd. | Specific Ricoh MFPs and Printers: Open Redirect Vulnerability in Web Image Monitor |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Tony Kirkland of Sixgen Inc reported this vulnerability to Ricoh Company, Ltd. directly and coordinated. After the coordination, Ricoh Company, Ltd. reported this case to IPA under Information Security Early Warning Partnership, and JPCERT/CC coordinated with Ricoh Company, Ltd. for JVN publication.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-41226 |
| JVN iPedia |
JVNDB-2026-000066 |