CVE-2023-23572

Published: Apr 11, 2023Modified: Feb 11, 2025

4.8

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Exploitability: 1.7 / Impact: 2.7

Source: NVD

Description

Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.

Affected (50)

Products: Epson: Lp 9200ps2 Firmware, Lp 9200ps3 Firmware, Lp 8200c Firmware, Lp 9600 Firmware, Lp 9600s Firmware, Lp 9300 Firmware, Lp 8500c Firmware, Lp 8700ps3 Firmware, Lp 9800c Firmware, Lp S5500 Firmware, Lp 9200b Firmware, Lp 9200c Firmware, Lp S4500 Firmware, Lp S6500 Firmware, Lp S7000 Firmware, Lp S5000 Firmware, Lp S4000 Firmware, Lp S6000 Firmware, Lp S5300 Firmware, Lp S5300r Firmware, Lp S300n Firmware, Lp S310n Firmware, Lp S3000 Firmware, Lp S3000r Firmware, Lp S3000z Firmware, Lp S3000ps Firmware, Lp S7500 Firmware, Lp S7500ps Firmware, Lp S3500 Firmware, Lp S4200 Firmware, Lp S9000 Firmware, Lp S7100 Firmware, Lp S8100 Firmware, Prifnw1 Firmware, Prifnw1s Firmware, Prifnw2 Firmware, Prifnw2ac Firmware, Prifnw2s Firmware, Prifnw2sac Firmware, Prifnw3 Firmware, Prifnw3s Firmware, Prifnw6 Firmware, Prifnw7 Firmware, Prifnw7u Firmware, Prifnw7s Firmware, Pa W11g Firmware, Pa W11g2 Firmware, Esnsb1 Firmware, Esnsb2 Firmware, Esifnw1 Firmware

50 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9200ps2 Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9200ps2	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9200ps3 Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9200ps3	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 8200c Firmware	All versions

Running on/with	Platform Versions
Epson Lp 8200c	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9600 Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9600	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9600s Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9600s	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9300 Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9300	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 8500c Firmware	All versions

Running on/with	Platform Versions
Epson Lp 8500c	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 8700ps3 Firmware	All versions

Running on/with	Platform Versions
Epson Lp 8700ps3	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9800c Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9800c	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S5500 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S5500	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9200b Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9200b	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp 9200c Firmware	All versions

Running on/with	Platform Versions
Epson Lp 9200c	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S4500 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S4500	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S6500 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S6500	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S7000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S7000	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S5000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S5000	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S4000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S4000	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S6000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S6000	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S5300 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S5300	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S5300r Firmware	All versions

Running on/with	Platform Versions
Epson Lp S5300r	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S300n Firmware	All versions

Running on/with	Platform Versions
Epson Lp S300n	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S310n Firmware	All versions

Running on/with	Platform Versions
Epson Lp S310n	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S3000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S3000	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S3000r Firmware	All versions

Running on/with	Platform Versions
Epson Lp S3000r	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S3000z Firmware	All versions

Running on/with	Platform Versions
Epson Lp S3000z	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S3000ps Firmware	All versions

Running on/with	Platform Versions
Epson Lp S3000ps	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S7500 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S7500	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S7500ps Firmware	All versions

Running on/with	Platform Versions
Epson Lp S7500ps	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S3500 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S3500	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S4200 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S4200	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S9000 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S9000	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S7100 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S7100	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Lp S8100 Firmware	All versions

Running on/with	Platform Versions
Epson Lp S8100	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw1 Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw1	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw1s Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw1s	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw2 Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw2	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw2ac Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw2ac	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw2s Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw2s	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw2sac Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw2sac	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw3 Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw3	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw3s Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw3s	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw6 Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw6	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw7 Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw7	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw7u Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw7u	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Prifnw7s Firmware	All versions

Running on/with	Platform Versions
Epson Prifnw7s	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Pa W11g Firmware	All versions

Running on/with	Platform Versions
Epson Pa W11g	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Pa W11g2 Firmware	All versions

Running on/with	Platform Versions
Epson Pa W11g2	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Esnsb1 Firmware	All versions

Running on/with	Platform Versions
Epson Esnsb1	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Esnsb2 Firmware	All versions

Running on/with	Platform Versions
Epson Esnsb2	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Epson Esifnw1 Firmware	All versions

Running on/with	Platform Versions
Epson Esifnw1	All versions

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (4)

https://jvn.jp/en/jp/JVN82424996/

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.epson.jp/support/misc_t/230308_oshirase.htm

Source: vultures@jpcert.or.jp

MitigationVendor Advisory

https://jvn.jp/en/jp/JVN82424996/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.epson.jp/support/misc_t/230308_oshirase.htm

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.