Cross Site Scripting Vulnerability in Epson Web Configuration Page for AirPrint

 

Vulnerability Reference: CVE-2018-5550

Release Date: January 19, 2018

Description:
 Epson has become aware of a vulnerability related to Epson’s web configuration page for AirPrint in certain Epson printer products.

Impact: This vulnerability may compromise the security of the printer’s web browser through the injection of malicious code or scripts.

Solution: Epson periodically provides firmware updates to address issues of security, performance, minor bug fixes, and to ensure your printer functions as designed. To update your printer’s firmware, run the Epson Software Updater utility and follow the step-by-step instructions. If your printer’s firmware isn't yet available (see schedule below), this utility will automatically notify you when it becomes available. Please visit our Updating your Printer's Firmware Using Epson Software Updater page for additional information.

If you haven’t already installed the Epson Software Updater utility, you can download it here.

In the meantime, and as a general rule to help secure all devices, end-users and their administrators should always implement and maintain industry-standard security controls and practices in setting up and managing their networks. Those practices include immediately replacing default passwords with strong passwords, use of up to date antivirus/malware protection, utilizing the strongest possible wireless encryption protocol and enabling appropriate firewall rules. Additionally, Epson always recommends that end users routinely check for software and firmware updates and keep their products updated to the latest software and firmware to achieve the best possible performance from their products.

Model Name

Status

L455 Available Now
L475 Available Now
L495 Available Now
L565 Available Now
L566 Available Now
L575 Available Now
L606 Available Now
L655 Available Now
PictureMate PM-525 Available Now
WF-100 Available Now
WF-5190 Available Now
WF-5690 Available Now
WF-6090 Available Now
WF-6590 Available Now
WF-R5690 Available Now
WF-R8590 Available Now
XP-411 Available Now
XP-431 Available Now
XP-441 Available Now