CVE-2023-7326

HIGH

Epson Stylus SX510W < 2023-05-13 - Denial of Service via Malformed Query Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-7326. PoCs published by Rafael Pedrero.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in the Epson Stylus SX510W printer by sending a malformed HTTP request with consecutive '&' characters, causing the device to shut down.

Description

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting in the printer process shutting down or powering off, causing a denial of service condition.

Exploits (1)

exploitdb WORKING POC
by Rafael Pedrero · textremotehardware
https://www.exploit-db.com/exploits/51441

This exploit demonstrates a Denial of Service (DoS) vulnerability in the Epson Stylus SX510W printer by sending a malformed HTTP request with consecutive '&' characters, causing the device to shut down.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Epson Stylus SX510W Printer (EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0)
No auth needed
Prerequisites: Network access to the printer's web interface · Printer IP address
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/51441

Scores

CVSS v4 8.7
EPSS 0.0049
EPSS Percentile 37.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (1)
Seiko Epson/Epson Stylus SX510W < 2023-05-13
Published Nov 12, 2025
Tracked Since Feb 18, 2026