CVE-2013-4615

EPSS 63.32%
Published 21.06.2013 21:55:01
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html.  NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Canon ≫ Mg3100 Printer Version-

Canon ≫ Mg5300 Printer Version-

Canon ≫ Mg6100 Printer Version-

Canon ≫ Mp340 Printer Version-

Canon ≫ Mp495 Printer Version-

Canon ≫ Mx870 Printer Version-

Canon ≫ Mx890 Printer Version-

Canon ≫ Mx920 Printer Version-

Canon ≫ Mx922 Printer Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	63.32%	0.983

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html

http://www.mattandreko.com/2013/06/canon-y-u-no-security.html

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb

https://nvd.nist.gov/vuln/detail/CVE-2013-4615

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4615

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4615

EUVD