Vulnerabilities > Canon > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-11 | CVE-2023-0857 | Unspecified vulnerability in Canon products Unintentional change of settings during initial registration of system administrators which uses control protocols. | 7.5 |
2023-03-29 | CVE-2022-43608 | Unspecified vulnerability in Canon Mf644Cdw Firmware 10.03 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. low complexity canon | 8.8 |
2023-03-28 | CVE-2022-24672 | Out-of-bounds Write vulnerability in Canon products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. | 8.8 |
2023-03-28 | CVE-2022-24674 | Out-of-bounds Write vulnerability in Canon products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. | 8.8 |
2022-04-25 | CVE-2022-26111 | Expression Language Injection vulnerability in Canon Irisnext 9.8.28 The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. | 8.8 |
2021-12-06 | CVE-2021-43471 | Weak Password Requirements vulnerability in Canon Lbp223Dw Firmware In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. | 7.5 |
2021-08-29 | CVE-2021-38154 | Incorrect Permission Assignment for Critical Resource vulnerability in Canon - Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. | 7.5 |
2021-08-11 | CVE-2021-38085 | Incorrect Permission Assignment for Critical Resource vulnerability in Canon Pixma Tr150 Firmware 3.71.2.10 The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. | 7.8 |
2020-11-30 | CVE-2020-16849 | Unspecified vulnerability in Canon products An issue was discovered on Canon MF237w 06.07 devices. | 7.5 |
2020-06-08 | CVE-2020-12695 | Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | 7.5 |