CVE-2022-36133

moderate-risk
Published 2022-11-25

The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass.

Do I need to act?

-
0.37% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.1/10 Critical
NETWORK / LOW complexity

Affected Products (9)

Tm-C3500 Firmware
Tm-C3510 Firmware
Tm-C3520 Firmware
Tm-C7500 Firmware
Tm-C7500G Firmware
Tm-C7510 Firmware
Tm-C7510G Firmware
Tm-C7520 Firmware
Tm-C7520G Firmware

Affected Vendors

Epson

References (4)

Vendor Advisory https://download.epson-biz.com/epson/epson_public_document.php?name=Infomation_h...
Product https://download.epson-biz.com/modules/colorworks/
Vendor Advisory https://download.epson-biz.com/epson/epson_public_document.php?name=Infomation_h...
Product https://download.epson-biz.com/modules/colorworks/
47
/ 100
moderate-risk
Severity 31/34 · Critical
Exploitability 1/34 · Minimal
Exposure 15/34 · Moderate