Description
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface password hash can be retrieved without authentication, because the response header of any failed login attempt returns an incomplete authorization cookie. The value of the authorization cookie is the MD5 hash of the password in hexadecimal. An attacker can easily derive the true MD5 hash from this, and use offline cracking attacks to obtain administrative access to the device.
References (4)
Core 4
Core References
Mailing List mailing-list
https://seclists.org/fulldisclosure/2024/Jul/14
Various Sources
https://global.brother
Various Sources
https://support.brother.com/g/s/security/en/index.html
Mailing List
http://seclists.org/fulldisclosure/2024/Jul/14
Scores
CVSS v3
9.1
EPSS
0.0073
EPSS Percentile
49.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-276
Status
published
Published
Nov 07, 2024
Tracked Since
Feb 18, 2026