Vulnerabilities > Epson > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-24 | CVE-2018-19232 | Unspecified vulnerability in Epson Workforce Wf-2861 Firmware 10.48Lq22I3/10.51.Lq20I6/10.52.Lq17Ia The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to cause a denial of service via a FIRMWAREUPDATE GET request, as demonstrated by the /DOWN/FIRMWAREUPDATE/ROM1 URI. | 5.0 |
| 2018-12-24 | CVE-2018-18960 | Resource Exhaustion vulnerability in Epson Workforce Wf-2861 Firmware 10.48Lq22I3/10.51.Lq20I6/10.52.Lq17Ia An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. | 4.3 |
| 2018-12-24 | CVE-2018-18959 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Epson Workforce Wf-2861 Firmware 10.48Lq22I3/10.51.Lq20I6/10.52.Lq17Ia An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. | 5.0 |
| 2018-08-30 | CVE-2018-14903 | Origin Validation Error vulnerability in Epson Wf-2750 Firmware Jp02L2 EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer. | 5.0 |
| 2018-08-30 | CVE-2018-14902 | Information Exposure vulnerability in Epson Iprint 6.6.3 The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. | 5.0 |
| 2018-08-30 | CVE-2018-14901 | Use of Hard-coded Credentials vulnerability in Epson Iprint 6.6.3 The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services. | 5.0 |
| 2018-08-30 | CVE-2018-14900 | Channel and Path Errors vulnerability in Epson Wf-2750 Firmware Jp02L2 On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. | 5.0 |
| 2018-08-30 | CVE-2018-14899 | Cross-site Scripting vulnerability in Epson Wf-2750 Firmware Jp02L2 On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites. | 4.3 |
| 2018-02-08 | CVE-2018-5550 | Cross-site Scripting vulnerability in Epson Airprint Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user. | 4.3 |
| 2017-10-10 | CVE-2017-12860 | Use of Hard-coded Credentials vulnerability in Epson Easymp 2.86 The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector has a hardcoded "backdoor" code (2270), which authenticates to all devices. | 5.0 |