CVE-2013-4615

The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:canon:mg3100_printer:-:::::::*
	cpe:2.3:h:canon:mx890_printer:-:::::::*
	cpe:2.3:h:canon:mg6100_printer:-:::::::*
	cpe:2.3:h:canon:mp495_printer:-:::::::*
	cpe:2.3:h:canon:mp340_printer:-:::::::*
	cpe:2.3:h:canon:mx922_printer:-:::::::*
	cpe:2.3:h:canon:mg5300_printer:-:::::::*
	cpe:2.3:h:canon:mx870_printer:-:::::::*
	cpe:2.3:h:canon:mx920_printer:-:::::::*

Information

Published : 2013-06-21 14:55

Updated : 2013-06-24 15:31

NVD link : CVE-2013-4615

Mitre link : CVE-2013-4615

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

canon

mg3100_printer
mx922_printer
mp495_printer
mx870_printer
mg5300_printer
mp340_printer
mx920_printer
mx890_printer
mg6100_printer

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html", "name": "20130618 Canon Wireless Printer Disclosure & DoS", "tags": [], "refsource": "FULLDISC"}, {"url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html", "name": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html", "tags": [], "refsource": "MISC"}, {"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb", "name": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating \"Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-4615", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-06-21T21:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-06-24T22:31Z"}