Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEpson Eps Tse Server 8
HWEpsonwszystkie wersjeEpson Eps Tse Server 8 Firmware
OSEpson21.0.11
Powiązane podatności
Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows a...
A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.ph...
Brak uwierzytelniania i szyfrowania w protokole ESC/POS urządzeń Epson
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authe...
An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1...