Known Vulnerabilities for products from Epson
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Epson".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Epson can be found at device.report : Epson
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-28931 | Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticat... | 8.8 - HIGH | 2020-12-16 | 2020-12-17 |
| CVE-2020-28930 | A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS ... | 5.4 - MEDIUM | 2020-12-16 | 2020-12-17 |
| CVE-2020-28929 | Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacke... | 9.8 - CRITICAL | 2020-12-16 | 2021-07-21 |
| CVE-2020-12695 | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription reques... | 7.5 - HIGH | 2020-06-08 | 2023-11-07 |
| CVE-2020-9453 | In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly h... | 5.5 - MEDIUM | 2021-02-05 | 2023-02-17 |
| CVE-2020-9014 | In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted... | 5.5 - MEDIUM | 2021-02-05 | 2023-02-03 |
| CVE-2020-6091 | An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 980... | 9.1 - CRITICAL | 2020-05-22 | 2022-04-28 |
| CVE-2020-5681 | Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, an... | 7.8 - HIGH | 2020-12-24 | 2020-12-30 |
| CVE-2020-5674 | Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges ... | 7.8 - HIGH | 2020-11-24 | 2021-07-21 |
| CVE-2018-19248 | The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA device... | 9.1 - CRITICAL | 2018-12-24 | 2020-08-24 |
| CVE-2018-19232 | The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA device... | 7.5 - HIGH | 2018-12-24 | 2020-08-24 |
| CVE-2018-18960 | An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find... | 5.9 - MEDIUM | 2018-12-24 | 2020-08-24 |
| CVE-2018-18959 | An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Set... | 7.5 - HIGH | 2018-12-24 | 2020-08-24 |
| CVE-2018-14903 | EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attack... | 7.5 - HIGH | 2018-08-30 | 2018-11-08 |
| CVE-2018-14902 | The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an ... | 7.5 - HIGH | 2018-08-30 | 2018-11-08 |
| CVE-2018-14901 | The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and One... | 7.5 - HIGH | 2018-08-30 | 2019-10-03 |
| CVE-2018-14900 | On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs dir... | 7.5 - HIGH | 2018-08-30 | 2018-11-08 |
| CVE-2018-14899 | On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that... | 6.1 - MEDIUM | 2018-08-30 | 2018-11-08 |
| CVE-2018-5550 | Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, ... | 6.1 - MEDIUM | 2018-02-08 | 2019-10-09 |
| CVE-2018-0689 | HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 Ma... | 8.8 - HIGH | 2019-01-09 | 2019-02-15 |
Known software with vulnerabilities from Epson
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Epson | Airprint | 1-19-2018 |
| Application | Epson | Album Print | - |
| Application | Epson | Color Calibration Utility | - |
| Application | Epson | Colorbase | - |
| Application | Epson | Colorio Easy Print | - |
| Application | Epson | Connect | - |
| Application | Epson | Copy Utility | 3.4.0.0 |
| Application | Epson | Creativity Suite | - |
| Application | Epson | Easy Photo Print | - |
| Application | Epson | Easy Settings | - |
| Application | Epson | Easymp | 2.86 |
| Hardware | Epson | Eb-1470ui | - |
| Operating System | Epson | Eb-1470ui Firmware | - |
| Hardware | Epson | Ec-01 | - |
| Operating System | Epson | Ec-01 Firmware | - |
| Application | Epson | E-photo | - |
| Application | Epson | Event Manager | 2.1.0 |
| Application | Epson | Imaging Workshop | - |
| Application | Epson | Iprint | 6.6.3 |
| Application | Epson | Link2 | - |