Vulnerability Details CVE-2013-4614
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.08
EPSS Ranking 91.7%
CVSS Severity
CVSS v2 Score 2.1
References
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
- http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb
- http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
- http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb
Products affected by CVE-2013-4614
-
cpe:2.3:h:canon:mg3100_printer:-
-
cpe:2.3:h:canon:mg5300_printer:-
-
cpe:2.3:h:canon:mg6100_printer:-
-
cpe:2.3:h:canon:mp340_printer:-
-
cpe:2.3:h:canon:mp495_printer:-
-
cpe:2.3:h:canon:mx870_printer:-
-
cpe:2.3:h:canon:mx890_printer:-
-
cpe:2.3:h:canon:mx920_printer:-
-
cpe:2.3:h:canon:mx922_printer:-