Vulnerabilities
Vulnerable Software
Epson:  Security Vulnerabilities
EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-08-30
On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.
CVSS Score
6.1
EPSS Score
0.007
Published
2018-08-30
On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.
CVSS Score
7.5
EPSS Score
0.011
Published
2018-08-30
The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.
CVSS Score
7.5
EPSS Score
0.011
Published
2018-08-30
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.
CVSS Score
7.5
EPSS Score
0.012
Published
2018-08-30
Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.
CVSS Score
6.1
EPSS Score
0.375
Published
2018-02-08
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.
CVSS Score
9.8
EPSS Score
0.035
Published
2017-10-10
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device
CVSS Score
9.8
EPSS Score
0.033
Published
2017-10-10
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
CVSS Score
6.1
EPSS Score
0.033
Published
2017-03-15
EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file.
CVSS Score
6.9
EPSS Score
0.003
Published
2015-10-28


Contact Us

Shodan ® - All rights reserved