CVE-2013-4615

The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:canon:mg3100_printer:-:::::::*
	cpe:2.3:h:canon:mg5300_printer:-:::::::*
	cpe:2.3:h:canon:mg6100_printer:-:::::::*
	cpe:2.3:h:canon:mp340_printer:-:::::::*
	cpe:2.3:h:canon:mp495_printer:-:::::::*
	cpe:2.3:h:canon:mx870_printer:-:::::::*
	cpe:2.3:h:canon:mx890_printer:-:::::::*
	cpe:2.3:h:canon:mx920_printer:-:::::::*
	cpe:2.3:h:canon:mx922_printer:-:::::::*

History

No history.

Information

Published : 2013-06-21 21:55

Updated : 2024-02-04 18:16

NVD link : CVE-2013-4615

Mitre link : CVE-2013-4615

CVE.ORG link : CVE-2013-4615

JSON object : View

Products Affected

canon

mx920_printer
mp495_printer
mg6100_printer
mx870_printer
mx890_printer
mg5300_printer
mg3100_printer
mx922_printer
mp340_printer

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2013-4615", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-06-21T21:55:01.057", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html", "source": "cve@mitre.org"}, {"url": "http://www.mattandreko.com/2013/06/canon-y-u-no-security.html", "source": "cve@mitre.org"}, {"url": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/canon_wireless_printer.rb", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating \"Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment.\""}, {"lang": "es", "value": "Las impresoras Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920 y MX922 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue del dispositivo) a trav\u00e9s de un par\u00e1metro LAN_TXT24 especialmente dise\u00f1ado a English/pages_MacUS/cgi_lan.cgi seguido de una petici\u00f3n directa a English/pages_MacUS/lan_set_content.html. NOTA: el vendedor ha respondido diciendo \"Canon cree que sus impresoras no tendr\u00e1n que hacer frente a accesos no autorizados a la red desde una ubicaci\u00f3n externa, siempre y cuando las impresoras se utilizan en un entorno seguro.\""}], "lastModified": "2013-06-24T22:31:59.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA808CB1-E232-45A7-8913-03DDD4D967AA"}, {"criteria": "cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A7BF24E-0FE5-41E6-B4AF-5CEC5ED0AB3E"}, {"criteria": "cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C007C65-9187-4593-B236-025831220B8C"}, {"criteria": "cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F038B929-787C-4350-B1A4-F2E0F12969FE"}, {"criteria": "cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A7687B9-537C-47CB-AA7B-DE57725B6E89"}, {"criteria": "cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "555BD45B-2B53-42BE-B76B-03205EADD821"}, {"criteria": "cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD762566-16C3-4391-B3C4-A0247AA082AF"}, {"criteria": "cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C74EB1F2-29DA-4835-B2D0-AB96CB1B4FB2"}, {"criteria": "cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08F6F82C-6EF6-40E6-A6C5-D2B4952B02FC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}