Vulnerabilities > Epson
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-30 | CVE-2018-14902 | Information Exposure vulnerability in Epson Iprint 6.6.3 The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. | 7.5 |
2018-08-30 | CVE-2018-14901 | Use of Hard-coded Credentials vulnerability in Epson Iprint 6.6.3 The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services. | 7.5 |
2018-08-30 | CVE-2018-14900 | Channel and Path Errors vulnerability in Epson Wf-2750 Firmware Jp02L2 On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. | 7.5 |
2018-08-30 | CVE-2018-14899 | Cross-site Scripting vulnerability in Epson Wf-2750 Firmware Jp02L2 On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites. | 6.1 |
2018-02-08 | CVE-2018-5550 | Cross-site Scripting vulnerability in Epson Airprint Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user. | 6.1 |
2017-10-10 | CVE-2017-12861 | Weak Password Requirements vulnerability in Epson Easymp 2.86 The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device | 9.8 |
2017-10-10 | CVE-2017-12860 | Use of Hard-coded Credentials vulnerability in Epson Easymp 2.86 The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices. | 9.8 |
2017-03-15 | CVE-2017-6443 | Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00 Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1. | 6.1 |