9.8
CVE-2026-23767
- EPSS 0.07%
- Veröffentlicht 05.03.2026 05:34:40
- Zuletzt bearbeitet 09.03.2026 18:42:01
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Epson ≫ Sb-h50 Firmware Version-
Epson ≫ Tm-h6000v Firmware Version-
Epson ≫ Tm-l100 Firmware Version-
Epson ≫ Tm-m10 Firmware Version-
Epson ≫ Tm-m30 Firmware Version-
Epson ≫ Tm-m30ii Firmware Version-
Epson ≫ Tm-m30ii-h Firmware Version-
Epson ≫ Tm-m30ii-s Firmware Version-
Epson ≫ Tm-m30ii-sl Firmware Version-
Epson ≫ Tm-m30iii Firmware Version-
Epson ≫ Tm-m30iii-h Firmware Version-
Epson ≫ Tm-m55 Firmware Version-
Epson ≫ Tm-p20ii Firmware Version-
Epson ≫ Tm-p80ii Firmware Version-
Epson ≫ Tm-p20 Firmware Version-
Epson ≫ Tm-p60ii Firmware Version-
Epson ≫ Tm-p80 Firmware Version-
Epson ≫ Tm-t20ii Firmware Version-
Epson ≫ Tm-t20iii Firmware Version-
Epson ≫ Tm-t88vi Firmware Version-
Epson ≫ Tm-t88vi-ihub Firmware Version-
Epson ≫ Tm-t88vii Firmware Version-
Epson ≫ Ub-r04 Firmware Version-
Epson ≫ Ub-e04 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.205 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.