Description
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Scores
CVSS v3
9.8
EPSS
0.0007
EPSS Percentile
20.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-306
Status
published
Products (24)
epson/sb-h50_firmware
epson/tm-h6000v_firmware
epson/tm-l100_firmware
epson/tm-m10_firmware
epson/tm-m30_firmware
epson/tm-m30ii-h_firmware
epson/tm-m30ii-s_firmware
epson/tm-m30ii-sl_firmware
epson/tm-m30ii_firmware
epson/tm-m30iii-h_firmware
... and 14 more
Published
Mar 05, 2026
Tracked Since
Mar 05, 2026