6.4 Medium
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
85.8%
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.