Lucene search

PRIOn knowledge basePRION:CVE-2023-23594

HistoryMar 31, 2023 - 7:15 p.m.

Authentication flaw

2023-03-3119:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

authentication

web client

printer

firmware

remote attackers

unauthenticated access

commands

file uploads

configuration changes

9.8 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.2%

JSON

An authentication bypass vulnerability in the web client interface for the CL4NX printer before firmware version 1.13.3-u724_r2 provides remote unauthenticated attackers with access to execute commands intended only for valid/authenticated users, such as file uploads and configuration changes.

CPENameOperatorVersion
cl4nx_plus_firmwareeq< 1.13.3u724r2

CPE	Name	Operator	Version
	cl4nx_plus_firmware	eq	< 1.13.3u724r2

References

d2n1rly8br52rx.cloudfront.net/content-blocks/files/pages/Vulnerability-Disclosure.pdf

hackandpwn.com/disclosures/CVE-2023-23594.pdf

www.satoamerica.com/products/printers/industrial-thermal-printers/cl4nx-plus