CVE-2024-36251 HIGH

CVE-2024-36251

Vendor Sharp Corporation
Product Multiple MFPs (multifunction printers)
Weakness CWE-125
Published November 26, 2024
Last update November 4, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedef_sub_sel.html is not processed properly and device-crash happens. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Key dates

02Disclosure timeline

November 26, 2024 CVE published
November 4, 2025 Record updated