CVE-2021-43471

HIGH

Canon LBP223dw Firmware - Unauthenticated Denial of Service via System Manager Mode

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-43471. PoCs published by cxaqhq.

AI-analyzed exploit summary This repository documents a denial of service vulnerability in Canon LBP223 printers where unauthorized access to the System Manager Mode allows remote shutdown without authentication. The README includes screenshots demonstrating the exploit but lacks executable code.

Description

In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability.

Exploits (1)

nomisec WRITEUP

by cxaqhq · poc

https://github.com/cxaqhq/CVE-2021-43471

View Code ZIP pw:eip

This repository documents a denial of service vulnerability in Canon LBP223 printers where unauthorized access to the System Manager Mode allows remote shutdown without authentication. The README includes screenshots demonstrating the exploit but lacks executable code.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Canon LBP223 printer

No auth needed

Prerequisites: Network access to the printer's management interface

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/cxaqhq/cve-1

Scores

CVSS v3 7.5

EPSS 0.0144

EPSS Percentile 69.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-521

Status published

Products (1)

canon/lbp223dw_firmware

Published Dec 06, 2021

Tracked Since Feb 18, 2026