CVE-2013-4615

Canon Wireless Printer Denial Of Service

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."

Las impresoras Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920 y MX922 permite a atacantes remotos provocar una denegación de servicio (cuelgue del dispositivo) a través de un parámetro LAN_TXT24 especialmente diseñado a English/pages_MacUS/cgi_lan.cgi seguido de una petición directa a English/pages_MacUS/lan_set_content.html. NOTA: el vendedor ha respondido diciendo "Canon cree que sus impresoras no tendrán que hacer frente a accesos no autorizados a la red desde una ubicación externa, siempre y cuando las impresoras se utilizan en un entorno seguro."

Various Canon printers suffer from a lack of password authentication, denial of service, and WEP/WPA/WPA2 secret disclosure vulnerabilities. Models affected include, but are not limited to, MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, and MX920.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-06-17 CVE Reserved
2013-06-18 CVE Published
2024-09-17 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (3)

URL	Tag	Source
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html	Mailing List
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html	X_refsource_misc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb	X_refsource_misc

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Canon Search vendor "Canon"		Mg3100 Printer Search vendor "Canon" for product "Mg3100 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mg5300 Printer Search vendor "Canon" for product "Mg5300 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mg6100 Printer Search vendor "Canon" for product "Mg6100 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mp340 Printer Search vendor "Canon" for product "Mp340 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mp495 Printer Search vendor "Canon" for product "Mp495 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mx870 Printer Search vendor "Canon" for product "Mx870 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mx890 Printer Search vendor "Canon" for product "Mx890 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mx920 Printer Search vendor "Canon" for product "Mx920 Printer"				-		-		Affected
Canon Search vendor "Canon"		Mx922 Printer Search vendor "Canon" for product "Mx922 Printer"				-		-		Affected