Byte Open Security

(ByteOS Network)

NVD Vulnerability Details: CVE-2018-11692
Modified
Source: cve@mitre.org
Published At: 04 Jun, 2018 | 06:29
Updated At: 17 May, 2024 | 01:22

An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation.

CISA Catalog
Date Added | Due Date | Vulnerability Name | Required Action
N/A
Metrics
Type | Version | Base score | Base severity | Vector
Primary | 3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary | 2.0 | 10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Vendor | Product | Version | CPE
Canon Inc. (canon) | lbp3370_firmware | - | cpe:2.3:o:canon:lbp3370_firmware:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp3370 | - | cpe:2.3:h:canon:lbp3370:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp3460_firmware | - | cpe:2.3:o:canon:lbp3460_firmware:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp3460 | - | cpe:2.3:h:canon:lbp3460:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp7750c_firmware | - | cpe:2.3:o:canon:lbp7750c_firmware:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp7750c | - | cpe:2.3:h:canon:lbp7750c:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp6650_firmware | - | cpe:2.3:o:canon:lbp6650_firmware:-:*:*:*:*:*:*:*
Canon Inc. (canon) | lbp6650 | - | cpe:2.3:h:canon:lbp6650:-:*:*:*:*:*:*:*
Weaknesses
CWE ID | Type | Source
CWE-287 | Primary | nvd@nist.gov
References
Hyperlink | Source | Resource
https://gist.github.com/huykha/2dfbe97810e96a05e67359fd9e7cc9ff | cve@mitre.org | Broken Link, Third Party Advisory
https://www.exploit-db.com/exploits/44844/ | cve@mitre.org | Broken Link, Third Party Advisory, VDB Entry