Skip to main content

Oce Colorwave 500 Firmware

5 CVEs product

Monthly

CVE-2020-10669 HIGH POC This Week

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Oce Colorwave 500 Firmware
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-10671 HIGH POC This Week

The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Oce Colorwave 500 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-10670 MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-10668 MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-10667 MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD
CVSS 3.1
6.1
EPSS
1.7%
EPSS 3% CVSS 7.5
HIGH POC This Week

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Oce Colorwave 500 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Oce Colorwave 500 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD
EPSS 2% CVSS 6.1
MEDIUM POC This Month

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Oce Colorwave 500 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy