Canon Devices - Authentication Bypass in Catwalk Server

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

Code injection

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

PT-2021-21971

Name of the Vulnerable Software and Affected Versions: Canon devices manufactured in 2012 through 2020, such as imageRUNNER ADVANCE iR-ADV C5250 Description: The issue allows remote attackers to modify an e-mail address setting when Catwalk Server is enabled for HTTP access, causing the device to...

VulnCheck KEV: CVE-2021-38154

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker...

Canon 多款产品信息泄露漏洞

The Canon imageRUNNER ADVANCE iR-ADV C5250 is a multifunctional office device from Canon Japan. An information disclosure vulnerability exists in multiple Canon products, which originates in certain Canon devices manufactured from 2012 through 2020 such as the imageRUNNER ADVANCE iR-ADV C5250, an...