HTTP Header Injection Vulnerability in SEIKO EPSON Printers and Scanners
CVE-2018-0689
What is CVE-2018-0689?
An HTTP header injection flaw in SEIKO EPSON printers and scanners can be exploited by remote attackers, enabling them to redirect users to phishing sites or execute arbitrary scripts in the user's web browser. This vulnerability affects various models across multiple firmware versions, making it imperative for users to apply the latest updates and patches to safeguard their devices and sensitive information.
Affected Version(s)
SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions release ...[truncated*]