CVE Catalog

CVE-2026-56809

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

8th percentile — higher than 8% of all known CVEs

Summary

Multiple laser printers and MFPs implementing Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An attacker can exploit this flaw to execute arbitrary scripts in the browser of a user accessing Web Image Monitor.

Risk Assessment

The risk includes session hijacking, credential theft, or unauthorized actions performed within the context of the device administrator's session.

Recommendation

Immediately update the Web Image Monitor software to the latest version provided by the vendor and restrict access to the management interface to trusted networks only.

Original NVD description (English source)

Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses Web Image Monitor.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS