
CVSS: 10.0 • EPSS: 1% • CPEs: 4 • EXPL: 1

A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation. ** DISPUTED ** • https://gist.github.com/huykha/9dbcd0e46058f1e18bab241d1b2754bd • https://www.exploit-db.com/exploits/44845 • CWE-287: Improper Authentication

CVSS: 10.0 • EPSS: 0% • CPEs: 8 • EXPL: 1

An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation. ** DISPUTED ** • https://gist.github.com/huykha/2dfbe97810e96a05e67359fd9e7cc9ff • https://www.exploit-db.com/exploits/44844 • CWE-287: Improper Authentication

CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allows remote attackers to hijack the authentication of administrators. • http://jvn.jp/en/jp/JVN07427376/index.html • http://jvndb.jvn.jp/jvndb/JVNDB-2015-000129 • http://www.canon.com/support/pdf/inkjet-printer.pdf • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 2.1 • EPSS: 0% • CPEs: 9 • EXPL: 0

English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation. Various Canon printers suffer from a lack of password authentication, denial of service, and WEP/WPA/WPA2 secret disclosure vulnerabilities. Models affected include, but are not limited to, MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, and MX920. • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html • http://www.mattandreko.com/2013/06/canon-y-u-no-security.html • https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb • CWE-255: Credentials Management Errors

CVSS: 7.5 • EPSS: 0% • CPEs: 9 • EXPL: 0

The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the Advanced page. NOTE: the vendor has apparently responded by stating "for user convenience, the default setting does not require a password. However, if a user has a particular concern about third parties accessing the user's home printer, the default setting can be changed to add a password." • http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html • http://www.mattandreko.com/2013/06/canon-y-u-no-security.html • CWE-264: Permissions, Privileges, and Access Controls