CVE-2023-27520

CVSS V2 None CVSS V3 None
Description
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers/network interface via a web browser. According to SEIKO EPSON CORPORATION, it is also called as Remote Manager in some products. Web Config is pre-installed in some printers/network interface provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor.
Overview
  • CVE ID
  • CVE-2023-27520
  • Assigner
  • vultures@jpcert.or.jp
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-11T09:15:08
  • Last Modified Date
  • 2023-04-18T19:38:01
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:epson:lp-9200ps2_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9200ps2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9200ps3_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9200ps3:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-8200c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-8200c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9600_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9600:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9600s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9600s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9300_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-8500c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-8500c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-8700ps3_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-8700ps3:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9800c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9800c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s5500_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s5500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9200b_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9200b:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-9200c_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-9200c:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s4500_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s4500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s6500_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s6500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s7000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s7000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s5000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s5000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s4000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s4000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s6000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s6000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s5300_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s5300:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s5300r_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s5300r:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s300n_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s300n:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s310n_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s310n:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s3000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s3000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s3000r_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s3000r:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s3000z_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s3000z:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s3000ps_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s3000ps:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s7500_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s7500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s7500ps_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s7500ps:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s3500_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s3500:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s4200_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s4200:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s9000_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s9000:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s7100_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s7100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:lp-s8100_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:lp-s8100:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw1_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw1s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw1s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw2_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw2ac_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw2ac:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw2s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw2s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw2sac_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw2sac:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw3_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw3:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw3s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw3s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw6_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw6:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw7_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw7:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw7u_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw7u:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:prifnw7s_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:prifnw7s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:pa-w11g_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:pa-w11g:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:pa-w11g2_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:pa-w11g2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:esnsb1_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:esnsb1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:esnsb2_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:esnsb2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:epson:esifnw1_firmware:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:epson:esifnw1:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://jvn.jp/en/jp/JVN82424996/
https://www.epson.jp/support/misc_t/230308_oshirase.htm
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-27520
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27520
History
Created Old Value New Value Data Type Notes
2023-04-17 04:29:18 Added to TrackCVE
2023-04-17 13:00:29 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-04-18 20:00:44 2023-04-18T19:38:01 CVE Modified Date updated
2023-04-18 20:00:44 Undergoing Analysis Analyzed Vulnerability Status updated
2023-04-18 20:00:46 Weakness Enumeration new
2023-04-18 20:00:51 CPE Information updated