Vulnerabilities > Epson

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-14902 Information Exposure vulnerability in Epson Iprint 6.6.3
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access.
network
low complexity
epson CWE-200
5.0
2018-08-30 CVE-2018-14901 Use of Hard-coded Credentials vulnerability in Epson Iprint 6.6.3
The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.
network
low complexity
epson CWE-798
5.0
2018-08-30 CVE-2018-14900 Channel and Path Errors vulnerability in Epson Wf-2750 Firmware Jp02L2
On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs.
network
low complexity
epson CWE-417
5.0
2018-08-30 CVE-2018-14899 Cross-site Scripting vulnerability in Epson Wf-2750 Firmware Jp02L2
On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.
network
epson CWE-79
4.3
2018-02-08 CVE-2018-5550 Cross-site Scripting vulnerability in Epson Airprint
Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.
network
epson CWE-79
4.3
2017-10-10 CVE-2017-12861 Weak Password Requirements vulnerability in Epson Easymp 2.86
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP" software are vulnerable to a brute-force vulnerability, allowing any attacker on the network to remotely control and stream to the vulnerable device
network
low complexity
epson CWE-521
7.5
2017-10-10 CVE-2017-12860 Use of Hard-coded Credentials vulnerability in Epson Easymp 2.86
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices.
network
low complexity
epson CWE-798
5.0
2017-03-15 CVE-2017-6443 Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
network
epson CWE-79
4.3
2015-10-28 CVE-2015-6034 Permissions, Privileges, and Access Controls vulnerability in Epson Network Utility 4.10
EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file.
local
epson CWE-264
6.9
2010-12-08 CVE-2010-3920 Permissions, Privileges, and Access Controls vulnerability in Epson products
The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.
local
low complexity
epson CWE-264
4.6