7.8

CVE-2017-16249

Exploit

EPSS 68.82%
Published 10.11.2017 02:29:18
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.

Affected products Warnungen 0 Metrics 3 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Brother ≫ Dcp-j132w Firmware Version <= 1.20

Brother ≫ Dcp-j132w Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	68.82%	0.985

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://packetstormsecurity.com/files/144908/Debut-Embedded-httpd-1.20-Denial-Of-Service.html

Third Party Advisory

Exploit

VDB Entry

https://www.exploit-db.com/exploits/43119/

Third Party Advisory

Exploit

VDB Entry

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2017-017/?fid=10211

Third Party Advisory

Exploit

https://www.trustwave.com/Resources/SpiderLabs-Blog/Denial-of-Service-Vulnerability-in-Brother-Printers/?page=1&year=0&month=0&LangType=1033

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-16249

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-16249

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-16249

EUVD