360 matches found
EUVD-2025-24270
Malicious code in bioql PyPI...
EUVD-2025-19089
Malicious code in bioql PyPI...
EUVD-2023-32066
Malicious code in bioql PyPI...
Brother Printers Buffer Overflow Vulnerability (Jul 2025)
Multiple Brother printers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Multiple Brother and its OEM products with weak initial administrator passwords
Overview Multiple products provided by BROTHER INDUSTRIES, LTD and other OEM vendors are setup with weak initial administrator passwords, which can be derived from their serial numbers. This is reported by Rapid7, and treated on JVNVU90043828, CVE-2024-51978. Brother states that 1 serial numbers...
CVE-2025-8452
By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default...
CVE-2025-8452
By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default...
CVE-2025-8452 Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., Toshiba Tec, and Konica Minolta, Inc.
By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default...
CVE-2025-8452
CVE-2025-8452 leverages eSCL or SNMP to retrieve a printer’s serial number and then applies the technique described in CVE-2024-51978 to derive the default administrator password. If the password remains at its default, an attacker could gain admin access; changing the password mitigates the risk...
Brother Industries多款产品 安全漏洞
Brother Industries HL-L8360CDW and others are products of Brother Industries, Japan.Brother Industries HL-L8360CDW is a multifunction printer.Brother Industries HL-L8260CDN is a laser printer. The Brother Industries HL-L8260CDW is a laser printer. A security vulnerability exists in various Brothe...
PT-2025-32682 · Brother Industries +2 · Ads-1250W +668
CVE-2025-8452 By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provi… https://t.co/pbwa4nsgUj...
Multiple Brother devices authentication bypass via default administrator password generation
By leaking a target devices serial number, a remote attacker can generate the target devices default administrator password. The target device may leak its serial number via unauthenticated HTTP, HTTPS, IPP, SNMP, or PJL requests. Module Options msf use...
CVE-2025-49797
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...
Multiple Brother driver installers for Windows vulnerable to privilege escalation
Overview Multiple Brother driver installers for Windows contain the following vulnerability. Files or directories accessible to external parties CWE-552 - CVE-2025-49797 Julian Horoszkiewicz of Eviden reported this vulnerability to the developer. JPCERT/CC coordinated between the reporter and the...
CVE-2025-49797
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...
CVE-2025-49797
CVE-2025-49797 affects multiple Brother driver installers for Windows, enabling privilege escalation that may allow arbitrary code execution with administrative privileges on the host. The available documents describe a local attack vector with low prerequisites and high impact (CVE-2025-49797; P...
CVE-2025-49797
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...
CVE-2025-49797
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the...
CVE-2024-51984
CVE-2024-51984 describes an authentication-based credential disclosure risk affecting multiple Brother-branded devices and peers (Konica Minolta, FUJIFILM, Ricoh, Toshiba Tec) via pass-back to external services. An authenticated attacker can reconfigure a target device to use an attacker-controll...
CVE-2024-51984 Authenticated disclosure of external service passwords via pass-back attack affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc.
An authenticated attacker can reconfigure the target device to use an external service such as LDAP or FTP controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the...