CVE-2017-16249

HIGH

Brother DCP-J132W Firmware < 1.20 - Denial of Service via Malformed HTTP POST Request

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-16249. PoCs were published by z00n and h00die, including the Metasploit module auxiliary/dos/http/brother_debut_dos.

Description

The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying (~300 seconds) with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic.

Exploits (2)

exploitdb WORKING POC
by z00n · python, dos, hardware
https://www.exploit-db.com/exploits/43119

This exploit demonstrates a remote unauthenticated denial-of-service (DoS) vulnerability in Brother printers' Debut embedded HTTP server by sending a malformed HTTP POST request, causing the server to hang and eventually respond with an HTTP 500 error.

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Brother printers with Debut embedded httpd server <= 1.20
No auth needed
Prerequisites: Network access to the target device
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC
by z00n, h00die · ruby, poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/brother_debut_dos.rb

This Metasploit module exploits a Denial of Service (DoS) vulnerability in Brother Debut embedded HTTP servers by sending a malformed POST request with a mismatched Content-Length header, causing the server to hang for ~300 seconds.

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Brother Debut embedded HTTP server <= 1.20
No auth needed
Prerequisites: Network access to the target printer
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 7.5
EPSS: 0.5939
EPSS Percentile: 99.0%
Attack Vector: NETWORK
Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status: published
Products (1): brother/dcp-j132w_firmware < 1.20
Published: Nov 10, 2017
Tracked Since: Feb 18, 2026