CVE-2013-4614

Canon Printers - Info Disclosure

Title source: llm

Description

English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.

Exploits (1)

metasploit SCANNER

by Matt · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb

View Code ZIP pw:eip

References (3)

[Various Sources] http://www.mattandreko.com/2013/06/canon-y-u-no-security.html

[Various Sources] https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html

Scores

EPSS 0.0801

EPSS Percentile 92.1%

Details

CWE

CWE-255

Status published

Products (9)

canon/mg3100_printer

canon/mg5300_printer

canon/mg6100_printer

canon/mp340_printer

canon/mp495_printer

canon/mx870_printer

canon/mx890_printer

canon/mx920_printer

canon/mx922_printer

Published Jun 21, 2013

Tracked Since Feb 18, 2026