The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the latest version.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canon oce_colorwave_500_firmware 4.0.0.0 |