Seiko Epson Corporation 存储型跨站脚本攻击漏洞(CVE-2023-27520)
CVE编号
CVE-2023-27520利用情况
暂无补丁情况
N/A披露时间
2023-03-08漏洞描述
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://jvn.jp/en/jp/JVN82424996/ | |
| https://www.epson.jp/support/misc_t/230308_oshirase.htm |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | epson | esifnw1_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | esnsb1_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | esnsb2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-8200c_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-8500c_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-8700ps3_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9200b_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9200c_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9200ps2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9200ps3_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9300_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9600s_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9600_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-9800c_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s3000ps_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s3000r_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s3000z_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s3000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s300n_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s310n_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s3500_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s4000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s4200_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s4500_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s5000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s5300r_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s5300_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s5500_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s6000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s6500_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s7000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s7100_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s7500ps_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s7500_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s8100_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | lp-s9000_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | pa-w11g2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | pa-w11g_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw1s_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw1_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw2ac_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw2sac_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw2s_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw2_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw3s_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw3_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw6_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw7s_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw7u_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | epson | prifnw7_firmware | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | esifnw1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | esnsb1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | esnsb2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-8200c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-8500c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-8700ps3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9200b | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9200c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9200ps2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9200ps3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9600 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9600s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-9800c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s3000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s3000ps | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s3000r | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s3000z | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s300n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s310n | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s3500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s4000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s4200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s4500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s5000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s5300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s5300r | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s5500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s6000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s6500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s7000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s7100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s7500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s7500ps | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s8100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | lp-s9000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | pa-w11g | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | pa-w11g2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw1s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw2ac | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw2s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw2sac | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw3s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw6 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw7 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw7s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | epson | prifnw7u | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 高
- 影响范围 已更改
- 用户交互 需要
- 可用性 无
- 保密性 低
- 完整性 低
| CWE-ID | 漏洞类型 |
| CWE-352 | 跨站请求伪造(CSRF) |
| CWE-79 | 在Web页面生成时对输入的转义处理不恰当(跨站脚本) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论