CVE-2020-6091
CRITICALEpson EB-1470Ui Firmware MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303 - Authentication Bypass via HTTP Request
Title source: llmDescription
An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1011
Various Sources x_refsource_confirm
https://epson.com/support/wa00907
Scores
CVSS v3
9.1
EPSS
0.0226
EPSS Percentile
80.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-287
CWE-288
Status
published
Products (1)
epson/eb-1470ui_firmware
Published
May 22, 2020
Tracked Since
Feb 18, 2026