Vulnerability Details CVE-2018-11581
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.7%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
- https://support.brother.com/g/b/faqend.aspx?c=us_ot&lang=en&prod=group2&ftype3=100033&faqid=faq00100530_000
- https://www.exploit-db.com/exploits/44839/
- https://support.brother.com/g/b/faqend.aspx?c=us_ot&lang=en&prod=group2&ftype3=100033&faqid=faq00100530_000
- https://www.exploit-db.com/exploits/44839/
Products affected by CVE-2018-11581
-
cpe:2.3:h:brother:hl-l2340d:-
-
cpe:2.3:h:brother:hl-l2380dw:-
-
cpe:2.3:o:brother:hl-l2340d_firmware:*
-
cpe:2.3:o:brother:hl-l2380dw_firmware:-