CVE-2026-23767

Sažetak

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.

Reference

https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdf
https://jvn.jp/en/ta/JVNTA97995322/
https://www.epson.jp/support/misc_t/260305_oshirase.htm

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

09-03-2026 - 18:42

Objavljeno

05-03-2026 - 06:16