Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2022-24672

Published: 28/03/2023 Updated: 03/04/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Canon

Vulnerability Summary

This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw 10.02 printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CADM service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15802.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

canon d1620_firmware -

canon d1650_firmware -

canon d1520_firmware -

canon d1550_firmware -

canon mf1127c_firmware -

canon mf1238_firmware -

canon mf1238_ii_firmware -

canon mf1643i_ii_firmware -

canon mf1643if_ii_firmware -

canon mf414dw_firmware -

canon mf416dw_firmware -

canon mf419dw_firmware -

canon mf515dw_firmware -

canon mf424dw_firmware -

canon mf426dw_firmware -

canon mf429dw_firmware -

canon mf525dw_firmware -

canon mf445dw_firmware -

canon mf448dw_firmware -

canon mf449dw_firmware -

canon mf543dw_firmware -

canon mf451dw_firmware -

canon mf452dw_firmware -

canon mf453dw_firmware -

canon mf455dw_firmware -

canon mf6160dw_firmware -

canon mf6180dw_firmware -

canon mf624cdw_firmware -

canon mf628cdw_firmware -

canon mf632cdw_firmware -

canon mf634cdw_firmware -

canon mf641cw_firmware -

canon mf642cdw_firmware -

canon mf644cdw_firmware -

canon mf726cdw_firmware -

canon mf729cdw_firmware -

canon mf731cdw_firmware -

canon mf733cdw_firmware -

canon mf735cdw_firmware -

canon mf741cdw_firmware -

canon mf743cdw_firmware -

canon mf745cdw_firmware -

canon mf746cdw_firmware -

canon mf810cdn_firmware -

canon mf820cdn_firmware -

canon mf8280cw_firmware -

canon mf8580cdw_firmware -

canon lbp1127c_firmware -

canon lbp1238_firmware -

canon lbp1238_ii_firmware -

canon lbp214dw_firmware -

canon lbp215dw_firmware -

canon lbp226dw_firmware -

canon lbp227dw_firmware -

canon lbp228dw_firmware -

canon lbp236dw_firmware -

canon lbp237dw_firmware -

canon lbp251dw_firmware -

canon lbp253dw_firmware -

canon lbp612cdw_firmware -

canon lbp622cdw_firmware -

canon lbp623cdw_firmware -

canon lbp654cdw_firmware -

canon lbp664cdw_firmware -

canon ir1435i_firmware -

canon 1435if_firmware -

canon 1435p_firmware -

canon 1435i\\+_firmware -

canon 1435if\\+_firmware -

canon 1435p\\+_firmware -

canon ir1643i_firmware -

canon ir1643if_firmware -

canon wg7240_firmware -

canon wg7250_firmware -

canon wg7250f_firmware -

canon wg7250z_firmware -

References

CWE-787https://www.usa.canon.com/support/canon-product-advisories/canon-laser-printer-inkjet-printer-and-small-office-multifunctiohttps://www.zerodayinitiative.com/advisories/ZDI-22-514/https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-22-514/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook