Remote Code Execution Vulnerability in Brother Devices
CVE-2024-51983

7.5 HIGH

Key Information:

Vendor
CVE Published: 25 June 2025

Badges

👾 Exploit Exists

What is CVE-2024-51983?

An unauthenticated attacker can exploit the Web Services feature on affected Brother devices over HTTP (TCP port 80). By sending a specially crafted WS-Scan SOAP request with an unexpected JobToken value, the attacker can force the device to crash. The device reboots after the crash, and the attacker can then repeat the request, resulting in a continuous cycle of failure and disruption. This vulnerability can severely affect the availability of the device, making it crucial for users to apply necessary updates or mitigations.

Affected Version(s)

ADS-1250W 0

ADS-1350W 0

ADS-1700W 0

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • Vulnerability published
  • Vulnerability Reserved

Credit

Stephen Fewer, Principal Security Researcher at Rapid7.