Cross-Site Request Forgery Vulnerability in SEIKO EPSON Web Config
CVE-2026-58315

5.1MEDIUM

Key Information:

Vendor
CVE Published:
7 July 2026

What is CVE-2026-58315?

A cross-site request forgery vulnerability has been identified in SEIKO EPSON Web Config, allowing attackers to perform unintended actions if a user is tricked into viewing a malicious page while logged into the Web Config interface. This vulnerability poses a serious risk as it exploits the trust a browser has in authenticated sessions, potentially compromising sensitive configurations and user data. Users are advised to be cautious while browsing and ensure they access the Web Config through secure connections.

Affected Version(s)

Web Config See the information/details provided by the vendor

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

CVSS V3.0

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.