HIGH🇬🇧 English

CVE-2018-0689

CVSS 8.8v3.0pub. 2019-01-09upd. 2024-11-21

HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions released prior to 2017 November 2, EW-M660FT firmware versions released prior to 2018 April 19, EW-M770T firmware versions released prior to 2017 September 6, PF-70 firmware versions released prior to 2018 April 20, PF-71 firmware versions released prior to 2017 July 18, PF-81 firmware versions released prior to 2017 September 14, PX-048A firmware versions released prior to 2017 July 4, PX-049A firmware versions released prior to 2017 September 11, PX-437A firmware versions released prior to 2017 July 24, PX-M350F firmware versions released prior to 2018 February 23, PX-M5040F firmware versions released prior to 2017 November 20, PX-M5041F firmware versions released prior to 2017 November 20, PX-M650A firmware versions released prior to 2017 October 17, PX-M650F firmware versions released prior to 2017 October 17, PX-M680F firmware versions released prior to 2017 June 29, PX-M7050F firmware versions released prior to 2017 October 13, PX-M7050FP firmware versions released prior to 2017 October 13, PX-M7050FX firmware versions released prior to 2017 November 7, PX-M7070FX firmware versions released prior to 2017 April 27, PX-M740F firmware versions released prior to 2017 December 4, PX-M741F firmware versions released prior to 2017 December 4, PX-M780F firmware versions released prior to 2017 June 29, PX-M781F firmware versions released prior to 2017 June 27, PX-M840F firmware versions released prior to 2017 November 16, PX-M840FX firmware versions released prior to 2017 December 8, PX-M860F firmware versions released prior to 2017 October 25, PX-S05B/W firmware versions released prior to 2018 March 9, PX-S350 firmware versions released prior to 2018 February 23, PX-S5040 firmware versions released prior to 2017 November 20, PX-S7050 firmware versions released prior to 2018 February 21, PX-S7050PS firmware versions released prior to 2018 February 21, PX-S7050X firmware versions released prior to 2017 November 7, PX-S7070X firmware versions released prior to 2017 April 27, PX-S740 firmware versions released prior to 2017 December 3, PX-S840 firmware versions released prior to 2017 November 16, PX-S840X firmware versions released prior to 2017 December 8, PX-S860 firmware versions released prior to 2017 December 7) may allow a remote attackers to lead a user to a phishing site or execute an arbitrary script on the user's web browser.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Epson Ds 570w

    HW
    Epson
    wszystkie wersje
  • Epson Ds 570w Firmware

    OS
    Epson
    < 2018-03-13
  • Epson Ds 780n

    HW
    Epson
    wszystkie wersje
  • Epson Ds 780n Firmware

    OS
    Epson
    < 2018-03-13
  • Epson Ep 10va

    HW
    Epson
    wszystkie wersje
  • Epson Ep 10va Firmware

    OS
    Epson
    < 2017-09-04
  • Epson Ep 30va

    HW
    Epson
    wszystkie wersje
  • Epson Ep 30va Firmware

    OS
    Epson
    < 2017-06-19
  • Epson Ep 707a

    HW
    Epson
    wszystkie wersje
  • Epson Ep 707a Firmware

    OS
    Epson
    < 2017-08-01
  • Epson Ep 708a

    HW
    Epson
    wszystkie wersje
  • Epson Ep 708a Firmware

    OS
    Epson
    < 2017-08-07
  • Epson Ep 709a

    HW
    Epson
    wszystkie wersje
  • Epson Ep 709a Firmware

    OS
    Epson
    < 2017-06-12
  • Epson Ep 777a

    HW
    Epson
    wszystkie wersje
  • Epson Ep 777a Firmware

    OS
    Epson
    < 2017-08-01
  • Epson Ep 807ab

    HW
    Epson
    wszystkie wersje
  • Epson Ep 807ab Firmware

    OS
    Epson
    < 2017-08-01
  • Epson Ep 807ar

    HW
    Epson
    wszystkie wersje
  • Epson Ep 807ar Firmware

    OS
    Epson
    < 2017-08-01
  • Epson Ep 807aw

    HW
    Epson
    wszystkie wersje
  • Epson Ep 807aw Firmware

    OS
    Epson
    < 2017-08-01
  • Epson Ep 808ab

    HW
    Epson
    wszystkie wersje
  • Epson Ep 808ab Firmware

    OS
    Epson
    < 2017-08-07
  • Epson Ep 808ar

    HW
    Epson
    wszystkie wersje
  • Epson Ep 808ar Firmware

    OS
    Epson
    < 2017-08-07
  • Epson Ep 808aw

    HW
    Epson
    wszystkie wersje
  • Epson Ep 808aw Firmware

    OS
    Epson
    < 2017-08-07
  • Epson Ep 879ab

    HW
    Epson
    wszystkie wersje
  • Epson Ep 879ab Firmware

    OS
    Epson
    < 2017-06-12
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-0688MEDIUM6.1ten sam produkt

Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to ...

CVE-2026-23767CRITICAL9.8PL ✓ten sam vendor

Brak uwierzytelniania i szyfrowania w protokole ESC/POS urządzeń Epson

CVE-2022-36133CRITICAL9.1ten sam vendor

The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authe...

CVE-2020-28929CRITICAL9.8ten sam vendor

Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthen...

CVE-2020-6091CRITICAL9.1ten sam vendor

An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1...

CVE-2018-0689 — HIGH 8.8 | CVEbaza.pl