.. / CVE-2024-33605

Exploit for Sharp Multifunction Printers - Directory Listing (CVE-2024-33605)

Description:

It was observed that Sharp printers are vulnerable to an arbitrary directory listing without authentication. Any attacker can list any directory located in the printer and recover any file.

Nuclei Template

View the template here CVE-2024-33605.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-33605.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-33605
https://global.sharp/products/copier/info/info_security_2024-05.html
https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-arbitrary-directory-listing
https://jvn.jp/en/vu/JVNVU93051062/index.html