CVE-2018-19248

N/A

Beschreibung

The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request to the /FIRMWAREUPDATE URI.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht12/24/2018

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

epson:epson_workforce_wf-2861epson:epson_workforce_wf-2861_firmware

Schwachen (CWE)

CWE-306

Referenzen

https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19248/poc-cve-2018-19248.py(cve@mitre.org)

https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-2018-19248/poc-cve-2018-19248.py(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.