Vulnerability Description
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass.
CVSS Score
9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Epson | Tm-C3500 Firmware | wam31500 |
| Epson | Tm-C3500 | - |
| Epson | Tm-C3510 Firmware | wam31500 |
| Epson | Tm-C3510 | - |
| Epson | Tm-C3520 Firmware | wam31500 |
| Epson | Tm-C3520 | - |
| Epson | Tm-C7500 Firmware | wam31500 |
| Epson | Tm-C7500 | - |
| Epson | Tm-C7500G Firmware | wam31500 |
| Epson | Tm-C7500G | - |
| Epson | Tm-C7510 Firmware | wam31500 |
| Epson | Tm-C7510 | - |
| Epson | Tm-C7510G Firmware | wam31500 |
| Epson | Tm-C7510G | - |
| Epson | Tm-C7520 Firmware | wam31500 |
| Epson | Tm-C7520 | - |
| Epson | Tm-C7520G Firmware | wam31500 |
| Epson | Tm-C7520G | - |
Related Weaknesses (CWE)
References
- https://download.epson-biz.com/epson/epson_public_document.php?name=Infomation_hVendor Advisory
- https://download.epson-biz.com/modules/colorworks/ProductVendor Advisory
- https://download.epson-biz.com/epson/epson_public_document.php?name=Infomation_hVendor Advisory
- https://download.epson-biz.com/modules/colorworks/ProductVendor Advisory
FAQ
What is CVE-2022-36133?
CVE-2022-36133 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass.
How severe is CVE-2022-36133?
CVE-2022-36133 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-36133?
Check the references section above for vendor advisories and patch information. Affected products include: Epson Tm-C3500 Firmware, Epson Tm-C3500, Epson Tm-C3510 Firmware, Epson Tm-C3510, Epson Tm-C3520 Firmware.