CVE-2018-19248

moderate-risk
Published 2018-12-24

The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request to the /FIRMWAREUPDATE URI.

Do I need to act?

~
1.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (3)

Epson Workforce Wf-2861 Firmware
Epson Workforce Wf-2861 Firmware
Epson Workforce Wf-2861 Firmware

Affected Vendors

Epson

References (2)

Exploit https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-20...
Exploit https://github.com/epistemophilia/CVEs/blob/master/Epson-WorkForce-WF2861/CVE-20...
44
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 4/34 · Minimal
Exposure 9/34 · Low