Cross-Site Request Forgery Vulnerability in SEIKO EPSON Web Config
CVE-2026-58315
5.1MEDIUM
What is CVE-2026-58315?
A cross-site request forgery vulnerability has been identified in SEIKO EPSON Web Config, allowing attackers to perform unintended actions if a user is tricked into viewing a malicious page while logged into the Web Config interface. This vulnerability poses a serious risk as it exploits the trust a browser has in authenticated sessions, potentially compromising sensitive configurations and user data. Users are advised to be cautious while browsing and ensure they access the Web Config through secure connections.
Affected Version(s)
Web Config See the information/details provided by the vendor
References
CVSS V4
Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
CVSS V3.0
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
