CVSS: 7.5EPSS: 0%CPEs: 434EXPL: 0CVE-2023-29984
https://notcve.org/view.php?id=CVE-2023-29984
Null pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor. • https://jvn.jp/en/vu/JVNVU93767756/index.html https://support.brother.com/g/b/faqend.aspx?c=us&lang=en&prod=group2&faqid=faq00100793_000 https://support.brother.com/g/s/security/en https://www.fujifilm.com/fbglobal/eng/company/news/notice/2023/browser_announce.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-11581 – Brother HL Series Printers 1.15 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-11581
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html. Vulnerabilidad Cross-Site Scripting (XSS) en las impresoras Brother de la serie HL permite que atacantes remotos inyecten scripts web o HTML mediante el parámetro url en etc/loginerror.html. • https://www.exploit-db.com/exploits/44839 https://support.brother.com/g/b/faqend.aspx?c=us_ot&lang=en&prod=group2&ftype3=100033&faqid=faq00100530_000 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •