Vulnerability Description
The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting in the printer process shutting down or powering off, causing a denial of service condition.
Related Weaknesses (CWE)
References
- https://www.epson.eu/en_EU/support/sc/epson-stylus-sx510w/s/s837
- https://www.exploit-db.com/exploits/51441
- https://www.vulncheck.com/advisories/epson-stylus-printer-remote-power-off-dos
- https://www.exploit-db.com/exploits/51441
FAQ
What is CVE-2023-7326?
CVE-2023-7326 is a documented vulnerability. The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacke...
How severe is CVE-2023-7326?
CVSS scoring is not yet available for CVE-2023-7326. Check NVD for updates.
Is there a patch for CVE-2023-7326?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.