Vulnerability Details : CVE-2013-4614
Public exploit exists!
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.
Products affected by CVE-2013-4614
- cpe:2.3:h:canon:mg3100_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mg5300_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mg6100_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mp495_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mp340_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mx922_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mx870_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mx890_printer:-:*:*:*:*:*:*:*
- cpe:2.3:h:canon:mx920_printer:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4614
0.47%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-4614
-
Canon Printer Wireless Configuration Disclosure
Disclosure Date: 2013-06-18First seen: 2020-04-26auxiliary/scanner/http/canon_wirelessThis module enumerates wireless credentials from Canon printers with a web interface. It has been tested on Canon models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920. Authors: - Matt "hostess" Andreko <mandreko@accuvant.com>
CVSS scores for CVE-2013-4614
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2013-4614
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4614
-
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
404 Not Found
-
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb
metasploit-framework/canon_wireless.rb at master · rapid7/metasploit-framework · GitHub
-
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
Jump to