Vulnerabilities > Epson

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-14902 Information Exposure vulnerability in Epson Iprint 6.6.3
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access.
network
low complexity
epson CWE-200
7.5
2018-08-30 CVE-2018-14901 Use of Hard-coded Credentials vulnerability in Epson Iprint 6.6.3
The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.
network
low complexity
epson CWE-798
7.5
2018-08-30 CVE-2018-14900 Channel and Path Errors vulnerability in Epson Wf-2750 Firmware Jp02L2
On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs.
network
low complexity
epson CWE-417
7.5
2018-08-30 CVE-2018-14899 Cross-site Scripting vulnerability in Epson Wf-2750 Firmware Jp02L2
On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.
network
low complexity
epson CWE-79
6.1
2018-02-08 CVE-2018-5550 Cross-site Scripting vulnerability in Epson Airprint
Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.
network
low complexity
epson CWE-79
6.1
2017-10-10 CVE-2017-12861 Weak Password Requirements vulnerability in Epson Easymp 2.86
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device
network
low complexity
epson CWE-521
critical
9.8
2017-10-10 CVE-2017-12860 Use of Hard-coded Credentials vulnerability in Epson Easymp 2.86
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.
network
low complexity
epson CWE-798
critical
9.8
2017-03-15 CVE-2017-6443 Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
network
low complexity
epson CWE-79
6.1