
CVE-2025-2146 – Canon imageCLASS MF656Cdw sfpcmAuthenticateSecAdmin Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-2146
25 May 2025 — Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632C... • https://canon.jp/support/support-info/250127vulnerability-response • CWE-787: Out-of-bounds Write •

CVE-2025-3079
https://notcve.org/view.php?id=CVE-2025-3079
19 May 2025 — A passback vulnerability which relates to office/small office multifunction printers and laser printers. • https://canon.jp/support/support-info/250519vulnerability-response • CWE-522: Insufficiently Protected Credentials •

CVE-2025-3078
https://notcve.org/view.php?id=CVE-2025-3078
19 May 2025 — A passback vulnerability which relates to production printers and office multifunction printers. • https://canon.jp/support/support-info/250519vulnerability-response • CWE-522: Insufficiently Protected Credentials •

CVE-2022-26320
https://notcve.org/view.php?id=CVE-2022-26320
14 Mar 2022 — The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate. • https://fermatattack.secvuln.info • CWE-330: Use of Insufficiently Random Values •

CVE-2008-0303
https://notcve.org/view.php?id=CVE-2008-0303
29 Feb 2008 — The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allows remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce. • http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack •

CVE-2006-4680
https://notcve.org/view.php?id=CVE-2006-4680
11 Sep 2006 — The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information. • http://secunia.com/advisories/21788 •

CVE-2004-2166
https://notcve.org/view.php?id=CVE-2004-2166
31 Dec 2004 — The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. • http://secunia.com/advisories/12659 •