Vulnerabilities > Brother
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-13 | CVE-2019-13194 | Information Exposure vulnerability in Brother Hl-L8360Cdw Firmware 1.20 Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL. | 5.0 |
| 2020-03-13 | CVE-2019-13193 | Out-of-bounds Write vulnerability in Brother Hl-L8360Cdw Firmware 1.20 Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. | 9.0 |
| 2020-03-13 | CVE-2019-13192 | Out-of-bounds Write vulnerability in Brother Hl-L8360Cdw Firmware 1.20 Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. | 10.0 |
| 2020-02-05 | CVE-2013-2675 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information. | 4.3 |
| 2020-02-04 | CVE-2013-2676 | Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information. | 5.0 |
| 2020-02-03 | CVE-2013-2674 | Information Exposure vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers. | 5.0 |
| 2020-02-03 | CVE-2013-2673 | Incorrect Authorization vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows physically proximate attackers to gain unauthorized access. | 4.6 |
| 2020-02-03 | CVE-2013-2672 | Insufficiently Protected Credentials vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords. | 5.0 |
| 2018-06-01 | CVE-2018-11581 | Cross-site Scripting vulnerability in Brother Hl-L2340D Firmware and Hl-L2380Dw Firmware Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html. | 3.5 |
| 2017-11-10 | CVE-2017-16249 | Unspecified vulnerability in Brother Dcp-J132W Firmware The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. | 7.8 |