Laserwash G5 Firmware
CVE-2017-9630
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all versions, ProTouch ICON, all versions, and ProTouch AutoGloss, all versions. The web server does not properly verify that provided authentication information is correct.
AnalysisAI
An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. An Improper Authentication issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all versions, ProTouch ICON, all versions, and ProTouch AutoGloss, all versions. The web server does not properly verify that provided authentication information is correct. Affected products include: Pdqinc Laserwash G5 Firmware, Pdqinc Laserwash G5 S Firmware, Pdqinc Laserwash M5 Firmware, Pdqinc Laserwash 360 Firmware, Pdqinc Laserwash 360 Plus Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Laserwash G5 Firmware
View allSame weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today