CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2023/05/11 12:0 a.m.•2 views

多款Canon产品安全漏洞

Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunction printer from Canon Japan. A security vulnerability exists in Canon Laser Printer, Inkjet Printer, and Small Office Multifunctional Printers that originated from a vulnerability that allows an attacker to gain unauthoriz...

7.5CVSS7.4AI score0.00235EPSS

CNNVD•added 2023/05/11 12:0 a.m.•1 views

多款Canon产品缓冲区错误漏洞

Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer from Canon Japan. A security vulnerability exists in Canon Laser Printer, Inkjet Printer, and Small Office Multifunctional Printers, which stems from the presence of a buffer overflow that allows an attacker t...

9.8CVSS8.9AI score0.02554EPSS

CNNVD•added 2023/05/11 12:0 a.m.•3 views

多款Canon产品安全漏洞

Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunction printer from Canon Japan. A security vulnerability exists in Canon Laser Printer, Inkjet Printer, and Small Office Multifunctional Printers that originates from the ability to install arbitrary files in the Setup Data...

5.3CVSS5.9AI score0.00291EPSS

CNNVD•added 2023/05/11 12:0 a.m.•2 views

多款Canon产品缓冲区错误漏洞

Canon imageCLASS MF644Cdw is a smart and efficient 3-in-1 color multifunctional printer from Canon Japan. A security vulnerability exists in Canon Laser Printer, Inkjet Printer, and Small Office Multifunctional Printers, which stems from the presence of a buffer overflow that allows an attacker t...

9.8CVSS8.9AI score0.00512EPSS

Zero Day Initiative•added 2023/05/04 12:0 a.m.•52 views

(Pwn2Own) Canon imageCLASS MF743Cdw CADM resourceStart2 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the resourceStart2 command in the CADM...

8.8CVSS7.4AI score0.00512EPSS

Zero Day Initiative•added 2023/05/04 12:0 a.m.•32 views

(Pwn2Own) Canon imageCLASS MF743Cdw Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rls-login handler. The issue results from the lack of...

8.8CVSS7.4AI score0.01277EPSS

Zero Day Initiative•added 2023/05/04 12:0 a.m.•39 views

(Pwn2Own) Canon imageCLASS MF743Cdw IPP sides Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Internet Printing Protocol IPP service. The issue resul...

8.8CVSS7.4AI score0.02554EPSS

Positive Technologies•added 2023/05/04 12:0 a.m.•4 views

PT-2023-7444 · Canon · Canon Mf +6

Name of the Vulnerable Software and Affected Versions: Canon imageCLASS series versions prior to firmware Ver.11.04 Canon LBP series versions prior to firmware Ver.11.04 Canon MF series versions prior to firmware Ver.11.04 Canon i-SENSYS series versions prior to firmware Ver.11.04 Canon PIXMA...

10CVSS9.6AI score0.02554EPSS

Exploits0References10

Zero Day Initiative•added 2023/05/04 12:0 a.m.•28 views

(Pwn2Own) Canon imageCLASS MF743Cdw mDNS hostname Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling of mDNS packets. The issue results from the lack o...

8.8CVSS7.4AI score0.00512EPSS

Zero Day Initiative•added 2023/05/04 12:0 a.m.•29 views

(Pwn2Own) Canon imageCLASS MF743Cdw cmNetBiosParseName Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of NetBIOS names. The issue results from the la...

8.8CVSS7.3AI score0.01206EPSS

Zero Day Initiative•added 2023/05/04 12:0 a.m.•28 views

(Pwn2Own) Canon imageCLASS MF743Cdw IPP number-up Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Internet Printing Protocol IPP service. The issue resul...

8.8CVSS7.4AI score0.02554EPSS

OSV•added 2023/03/29 7:15 p.m.•1 views

CVE-2022-43608

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.03 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of...

8.8CVSS6.2AI score0.00255EPSS

NVD•added 2023/03/29 7:15 p.m.•8 views

CVE-2022-43608

8.8CVSS9AI score0.00255EPSS

Prion•added 2023/03/29 7:15 p.m.•20 views

Integer overflow

5.8CVSS8.9AI score0.00255EPSS

Exploits0References2Affected Software1

CVE•added 2023/03/29 12:0 a.m.•46 views

CVE-2022-43608

CVE-2022-43608 affects Canon imageCLASS MF644Cdw 10.03 with a BJNP service input validation flaw that can overflow a buffer, allowing network-adjacent attackers to execute code with root privileges, unauthenticated. Exploitation details are documented across multiple sources (ZDI advisory and Red...

8.8CVSS8.9AI score0.00255EPSS

Exploits0References2Affected Software1

CNNVD•added 2023/03/29 12:0 a.m.•2 views

Canon imageCLASS MF644Cdw 输入验证错误漏洞

The Canon imageCLASS MF644Cdw is an intelligent and efficient 3-in-1 color multifunction printer from Canon Japan. The Canon imageCLASS MF644Cdw suffers from an input validation error vulnerability that stems from a lack of proper validation of user-supplied data...

8.8CVSS7.9AI score0.00255EPSS

Exploits0References3

Cvelist•added 2023/03/29 12:0 a.m.•15 views

CVE-2022-43608

8.8CVSS9.1AI score0.00255EPSS

NVD•added 2023/03/28 7:15 p.m.•13 views

CVE-2022-24673

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SLP protocol. The issue results from...

9.8CVSS9.2AI score0.06113EPSS

NVD•added 2023/03/28 7:15 p.m.•23 views

CVE-2022-24674

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privet API. The issue results from the lack of...

8.8CVSS8.9AI score0.00622EPSS