Cross-Site Scripting (XSS) Vulnerability

Vulnerability Reference: CVE-2023-23572

Description: A vulnerability has been identified in some Epson printers and network interface products in software (Web Config*) that can check the status of the product itself or change settings on a Web browser.

Impact: By accessing a specially crafted page, a script may be embedded in the settings of the product itself through the Web Config of the product in question. Currently, there are no reports of attacks exploiting this vulnerability.

Solution: To ensure the security of your Epson product, please download and install the latest EPSON Firmware Update for your product by navigating to your product's support page. It is recommended to follow one or both of the following procedures to secure your Epson product.

| Product Name | XSS Vulnerability Countermeasure | Scheduled Firmware Update Release |
|---|---|---|
| EpsonNet 10/100 Base TX USB Print Server (C82402*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base TX USB Print Server (C82403*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx High Speed Int.Print Server (C82405*) | Applicable Workaround Below | |
| EpsonNet 802.11g wireless Ext. Print Server (C82422*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Int. Print Server 5 (C82434*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Int. Print Server 5e (C82435*) | Applicable Workaround Below | |
| EpsonNet 802.11b/g Wireless and 10/100 Base Tx Ext. Print Server (C82437*) | Applicable Workaround Below | |
| EpsonNet Authentication Print (C82440*) | Applicable Workaround Below | |
| EpsonNet 10 Base 2/T Int. Print Server (C82362*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Ext. Print Server (C82363*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Ext. Print Server (C82364*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx External Print Server (C82378*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Int. Print Server (C82384*) | Applicable Workaround Below | |
| EpsonNet 10/100 Base Tx Int. Print Server 2 (C82391*) | Applicable Workaround Below | |
| EpsonNet 802.11b Wireless Ext. Print Server (C82396*) | Applicable Workaround Below | |
| EpsonNet 802.11b Wireless Ext. Print Server (C82397*) | Applicable Workaround Below | |
| EpsonNet 802.11b Wireless Ext. Print Server (C82398*) | Applicable Workaround Below | |
| EPSON Network Image Express (B80836*) | Applicable Workaround Below | |
| EPSON Network Image Express Card (B80839*) | Applicable Workaround Below | |

Workaround Procedure 1:

1. The product should not be directly connected to the Internet and should be installed in a network protected by a firewall.

In that case, please assign the product a private IP address and operate it with that address.

2. Set an administrator password for each product.

The administrator password should be a complex string that is difficult for others to guess: 8 characters or more, mixing English letters with symbols and numbers.

Please check the Security Guidebook here.

Workaround Procedure 2:

For the affected products, you can block HTTP access (TCP port 80) in Web Config.

After configuring the product, block HTTP access (TCP port 80) to the product with a network device (router or switch).

Open the port only when you need to update the application settings or firmware.
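
One way to verify that both workaround procedures are actually in place across a fleet, as an added example (not Epson's code): the script checks each inventoried device for a private address and for Web Config HTTP reachability from the host it runs on. The inventory addresses are constructed placeholders, and reading "private IP address" as RFC 1918 / IPv6 unique-local is an assumption.

```python
import ipaddress
import socket

HTTP_PORT = 80  # Web Config over HTTP, the port Workaround Procedure 2 blocks

# Assumption: "private IP address" means RFC 1918 (IPv4) or unique-local (IPv6).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]


def is_private_address(addr):
    """Workaround 1: the product should sit on a private, firewalled address."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in PRIVATE_NETS)


def http_port_reachable(addr, port=HTTP_PORT, timeout=1.0):
    """Workaround 2: True if a TCP connection to the Web Config port succeeds."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unroutable
        return False


def audit(inventory, probe=http_port_reachable):
    """Return {name: [findings]} for every device that misses a workaround."""
    report = {}
    for name, addr in inventory:
        findings = []
        if not is_private_address(addr):
            findings.append("address is not private (Workaround 1)")
        if probe(addr):
            findings.append("TCP/80 reachable from this host (Workaround 2)")
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    # Constructed inventory: model codes come from the advisory table,
    # the addresses are placeholders to replace with your own.
    inventory = [("C82402", "192.168.10.25"), ("C82437", "203.0.113.40")]
    for name, findings in audit(inventory).items():
        print(name, "->", "; ".join(findings))
```

Run it from a segment that should not reach the devices (for example a user VLAN), since the block in Workaround Procedure 2 is enforced by the router or switch between that segment and the product.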
