Vulnerabilities > Canon

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39368 Cross-site Scripting vulnerability in Canon OCE Print Exec Workgroup 1.3.2
Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter.
Risk: network, low complexity, canon CWE-79, 6.1

2021-08-11 CVE-2021-38085 Incorrect Permission Assignment for Critical Resource vulnerability in Canon Pixma Tr150 Firmware 3.71.2.10
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue.
Risk: local, low complexity, canon CWE-732, 7.8

2020-11-30 CVE-2020-16849 Unspecified vulnerability in Canon products
An issue was discovered on Canon MF237w 06.07 devices.
Risk: network, low complexity, canon, 7.5

2020-11-16 CVE-2020-26508 Insufficiently Protected Credentials vulnerability in Canon OCE Colorwave 3500 Firmware 5.1.1.0
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI.
Risk: network, low complexity, canon CWE-522, critical, 9.8

2020-06-08 CVE-2020-12695 Incorrect Default Permissions vulnerability in multiple products
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Risk: 7.5

2020-03-19 CVE-2020-10669 Improper Authentication vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp.
Risk: network, low complexity, canon CWE-287, 7.5

2020-03-19 CVE-2020-10671 Cross-Site Request Forgery (CSRF) vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0
The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections.
Risk: network, low complexity, canon CWE-352, 8.8

2020-03-19 CVE-2020-10670 Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page.
Risk: network, low complexity, canon CWE-79, 6.1

2020-03-19 CVE-2020-10668 Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp.
Risk: network, low complexity, canon CWE-79, 6.1

2020-03-19 CVE-2020-10667 Cross-site Scripting vulnerability in Canon OCE Colorwave 500 Firmware 4.0.0.0
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp.
Risk: network, low complexity, canon CWE-79, 6.1