Vulnerability Description
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canon | Mg3100 Printer | - |
| Canon | Mg5300 Printer | - |
| Canon | Mg6100 Printer | - |
| Canon | Mp340 Printer | - |
| Canon | Mp495 Printer | - |
| Canon | Mx870 Printer | - |
| Canon | Mx890 Printer | - |
| Canon | Mx920 Printer | - |
| Canon | Mx922 Printer | - |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
- http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
- http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos
FAQ
What is CVE-2013-4615?
CVE-2013-4615 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/p...
How severe is CVE-2013-4615?
CVE-2013-4615 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4615?
Check the references section above for vendor advisories and patch information. Affected products include: Canon Mg3100 Printer, Canon Mg5300 Printer, Canon Mg6100 Printer, Canon Mp340 Printer, Canon Mp495 Printer.