Cross-Site Scripting Vulnerability in Brother MFC-9970CDW Printer
CVE-2013-2670

Currently unrated

Key Information:

Vendor

Brother

Status
Mfc-9970cdw Firmware
Mfc-9970cdw
Vendor
CVE Published:
14 March 2014

What is CVE-2013-2670?

The Brother MFC-9970CDW printer is susceptible to a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This security flaw is exploited through the 'QUERY_STRING' parameter when interacting with the 'admin/admin_main.html' interface. Impacted firmware versions G (1.03) and L (1.10) expose users to potential unauthorized access, emphasizing the necessity of prompt firmware updates to mitigate associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.cloudscan.me/2013/05/xss-javascript-injection-...
x_refsource_MISC
http://packetstormsecurity.com/files/121553/Brother-MFC-9...
x_refsource_MISC
http://osvdb.org/ref/93/brother-mfc-9970cdw-firmware-g-v1...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.