Lucene search
K

EPSON Printers Improper Authentication (CVE-2022-36133)

๐Ÿ—“๏ธย 05 Feb 2026ย 00:00:00Reported byย TenableTypeย 
nessus
ย nessus
๐Ÿ”—ย www.tenable.com๐Ÿ‘ย 4ย Views

Epson TM-C3500 and TM-C7500 WebConfig allows authentication bypass (CVE-2022-36133).

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2022-36133
25 Nov 202212:15
โ€“circl
CNNVD
EpsonTM-C3500ๅ’ŒTM-C7500 ๆŽˆๆƒ้—ฎ้ข˜ๆผๆดž
25 Nov 202200:00
โ€“cnnvd
CNVD
Unspecified Vulnerability in Epson TM-C3500 and TM-C7500
29 Nov 202200:00
โ€“cnvd
CVE
CVE-2022-36133
25 Nov 202200:00
โ€“cve
Cvelist
CVE-2022-36133
25 Nov 202200:00
โ€“cvelist
EUVD
EUVD-2022-38854
3 Oct 202520:07
โ€“euvd
NVD
CVE-2022-36133
25 Nov 202206:15
โ€“nvd
OpenVAS
Epson Printers Authentication Bypass Vulnerability (Nov 2022)
21 Aug 202300:00
โ€“openvas
OSV
CVE-2022-36133
25 Nov 202206:15
โ€“osv
Prion
Authentication flaw
25 Nov 202206:15
โ€“prion
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(505069);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/06");

  script_cve_id("CVE-2022-36133");

  script_name(english:"EPSON Printers Improper Authentication (CVE-2022-36133)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices
with firmware version WAM31500 allows authentication bypass.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://download.epson-biz.com/epson/epson_public_document.php?name=Infomation_history.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6c285699");
  script_set_attribute(attribute:"see_also", value:"https://download.epson-biz.com/modules/colorworks/");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-36133");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(287);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/11/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/11/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/02/05");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c3500_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c3510_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c3520_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7500_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7500g_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7510_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7510g_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7520_firmware:wam31500");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:epson:tm-c7520g_firmware:wam31500");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/EPSON");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/EPSON');

var asset = tenable_ot::assets::get(vendor:'EPSON');

var vuln_cpes = {
    "cpe:/o:epson:tm-c3500_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c3510_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c3520_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7500_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7500g_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7510_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7510g_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7520_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"},
    "cpe:/o:epson:tm-c7520g_firmware:wam31500" :
        {"versionEndIncluding" : "wam31500", "versionStartIncluding" : "wam31500", "family" : "EPSON"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation withย Vulners data

Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data

Api

Power your application withย Vulners API

The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access

App

Assess and manage vulnerabilities withย Vulnersย tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation