CVE-2013-4614

Canon MG3100/MG5300/MG6100/MP495/MX340/MX870/MX890/MX920/MX922 - Cleartext Wi-Fi PSK Exposure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4614. PoCs published by Matt, including Metasploit module auxiliary/scanner/http/canon_wireless.

AI-analyzed exploit summary This Metasploit module enumerates wireless credentials from Canon printers by querying specific HTML endpoints. It extracts SSID, encryption type, and keys from the printer's web interface without requiring authentication.

Description

English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.

Exploits (1)

metasploit SCANNER
by Matt · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb

This Metasploit module enumerates wireless credentials from Canon printers by querying specific HTML endpoints. It extracts SSID, encryption type, and keys from the printer's web interface without requiring authentication.

Classification
Scanner 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Canon printers (MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920)
No auth needed
Prerequisites: Network access to the printer's web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.0285
EPSS Percentile 84.8%

Details

CWE
CWE-255
Status published
Products (9)
canon/mg3100_printer
canon/mg5300_printer
canon/mg6100_printer
canon/mp340_printer
canon/mp495_printer
canon/mx870_printer
canon/mx890_printer
canon/mx920_printer
canon/mx922_printer
Published Jun 21, 2013
Tracked Since Feb 18, 2026