Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Tektronix Phaser 740/750/850/930 Network Printer Administration Interface Vulnerability

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug🔗 www.seebug.org👁 20 Views

Tektronix Phaser printer network admin interface vulnerability allowing unauthorized access and printer manipulatio

Code

                                                source: http://www.securityfocus.com/bid/2659/info

A remote vulnerability exists in Tektronix Phaser network printers in the 7xx, 8xx, and 9xx series.

An attacker with access to the printer's local network (or, if no firewall is in place, any attacker) can reach the printer's admin interface, supported by the inbuilt Tektronix PhaserLink webserver.

No authentication is applied to this connection. Arbitrary pages inside the printer's administration interface may be accessed by specifying the desired page in a querystring submitted to the PhaserLink webserver.

No password or other authentication method prevent arbitrary users from making use of this interface.

Using this method, an attacker can activate the printer's 'Emergency Power Off' feature.

This can lead to improper cooling of the ink/crayon reservoir, physically damaging the device.

* The vendor has reported that the printer properly handles 'Emergency Power Off' situations, and that physical damage is unachievable.

Submit http://printername/_ncl_items.shtml&SUBJECT=1

Select "Shutdown" option = "Emergency Power Off".

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
tektronix phaserprinternetwork vulnerabilityadmin interfaceunauthorized accessprinter manipulation
20