Created
November 10, 2022 15:05
-
-
Save zaee-k/de42a5d40661f9b6123a65c13e82aac8 to your computer and use it in GitHub Desktop.
Brother CVE-2017-12568 Reporting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother | |
| DCP-J132W (and probably other DCP models) allows remote attackers to | |
| hang the printer (disrupting its network connection) by sending a | |
| large amount of HTTP packets. | |
| ------------------------------------------ | |
| [Vulnerability Type Other] | |
| CWE-400, Denial of Service | |
| ------------------------------------------ | |
| [Vendor of Product] | |
| Brother | |
| ------------------------------------------ | |
| [Affected Product Code Base] | |
| DCP-J132W - H | |
| ------------------------------------------ | |
| [Affected Component] | |
| Debut embedded httpd 1.20 (Brother/HP printer http admin) is affected | |
| ------------------------------------------ | |
| [Attack Type] | |
| Remote | |
| ------------------------------------------ | |
| [Impact Denial of Service] | |
| true | |
| ------------------------------------------ | |
| [Attack Vectors] | |
| To exploit this vulnerability, the affected device must be connected to the same network as the attacker. | |
| ------------------------------------------ | |
| [Has vendor confirmed or acknowledged the vulnerability?] | |
| true | |
| ------------------------------------------ | |
| [Discoverer] | |
| zaeek @ GBTISA |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment