Sign-up

ID

VAR-202309-2430


TITLE

Zhuhai Pantum Printing Technology Co., Ltd. M7160DW has an arbitrary file reading vulnerability

Trust: 0.6

sources: CNVD: CNVD-2023-57643

DESCRIPTION

M7160DW is a monochrome laser all-in-one machine that supports printing, copying and scanning functions, and can be connected via USB, wired network, LAN and WIFI. The M7160DW of Zhuhai Pantum Printing Technology Co., Ltd. has an arbitrary file reading vulnerability. Attackers can use this vulnerability to arbitrarily read files in the printer's file system without authorization.

Trust: 0.6

sources: CNVD: CNVD-2023-57643

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-57643

AFFECTED PRODUCTS

vendor:zhuhai pantum printingmodel:m7160dw 2.a.1.3scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2023-57643

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2023-57643
value: LOW

Trust: 0.6

CNVD: CNVD-2023-57643
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2023-57643

PATCH

title:Patch for Zhuhai Pantum Printing Technology Co., Ltd. M7160DW has an arbitrary file reading vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/458856

Trust: 0.6

sources: CNVD: CNVD-2023-57643

EXTERNAL IDS

db:CNVDid:CNVD-2023-57643

Trust: 0.6

sources: CNVD: CNVD-2023-57643

SOURCES

db:CNVDid:CNVD-2023-57643

LAST UPDATE DATE

2023-09-28T23:03:43.956000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-57643date:2023-09-06T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-57643date:2023-09-06T00:00:00