Lucene search

JpcertCVELIST:CVE-2023-23572

HistoryApr 11, 2023 - 12:00 a.m.

CVE-2023-23572

2023-04-1100:00:00

jpcert

www.cve.org

cross-site scripting

seiko epson

remote manager

administrative privilege

web config

network interface

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON

Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.

CNA Affected

[
  {
    "vendor": "SEIKO EPSON CORPORATION",
    "product": "SEIKO EPSON printers/network interface Web Config",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN82424996/

www.epson.jp/support/misc_t/230308_oshirase.htm