Vulnerabilities > Brother

DATE CVE VULNERABILITY TITLE RISK
2020-03-13 CVE-2019-13194 Information Exposure vulnerability in Brother Hl-L8360Cdw Firmware 1.20
Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL.
network
low complexity
brother CWE-200
5.0
2020-03-13 CVE-2019-13193 Out-of-bounds Write vulnerability in Brother Hl-L8360Cdw Firmware 1.20
Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly.
network
low complexity
brother CWE-787
critical
9.0
2020-03-13 CVE-2019-13192 Out-of-bounds Write vulnerability in Brother Hl-L8360Cdw Firmware 1.20
Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly.
network
low complexity
brother CWE-787
critical
10.0
2020-02-05 CVE-2013-2675 Improper Restriction of Rendered UI Layers or Frames vulnerability in Brother Mfc-9970Cdw Firmware 1.10
Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information.
network
brother CWE-1021
4.3
2020-02-04 CVE-2013-2676 Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10
Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information.
network
low complexity
brother CWE-200
5.0
2020-02-03 CVE-2013-2674 Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10
Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers.
network
low complexity
brother CWE-200
5.0
2020-02-03 CVE-2013-2673 Incorrect Authorization vulnerability in Brother Mfc-9970Cdw Firmware 1.10
Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows physically proximate attackers to gain unauthorized access.
local
low complexity
brother CWE-863
4.6
2020-02-03 CVE-2013-2672 Insufficiently Protected Credentials vulnerability in Brother Mfc-9970Cdw Firmware 1.10
Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.
network
low complexity
brother CWE-522
5.0
2018-06-01 CVE-2018-11581 Cross-site Scripting vulnerability in Brother Hl-L2340D Firmware and Hl-L2380Dw Firmware
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
network
brother CWE-79
3.5
2017-11-10 CVE-2017-16249 Unspecified vulnerability in Brother Dcp-J132W Firmware
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error.
network
low complexity
brother
7.8