Vulnerabilities > Epson > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-15 CVE-2017-6443 Cross-site Scripting vulnerability in Epson Tmnet Webconfig 1.00
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
network
epson CWE-79
4.3
4.3
2015-10-28 CVE-2015-6034 Permissions, Privileges, and Access Controls vulnerability in Epson Network Utility 4.10
EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file.
local
epson CWE-264
6.9
6.9
2010-12-08 CVE-2010-3920 Permissions, Privileges, and Access Controls vulnerability in Epson products
The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.
local
low complexity
epson CWE-264
4.6
4.6