CVE-2013-4615
published 2013-06-21


Priority: P3 (35, medium)
CVSS 2.0: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Tags: EXPLOIT
EPSS: 15.64% (96.4th percentile)
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/pages_MacUS/cgi_lan.cgi followed by a direct request to English/pages_MacUS/lan_set_content.html. NOTE: the vendor has apparently responded by stating "Canon believes that its printers will not have to deal with unauthorized access to the network from an external location as long as the printers are used in a secured environment."

Detection & IOCs (extracted from sources)

path: English/pages_MacUS/cgi_lan.cgi
path: English/pages_MacUS/lan_set_content.html
other: LAN_TXT24
  • Detect HTTP requests targeting the Canon printer CGI endpoint English/pages_MacUS/cgi_lan.cgi with a crafted LAN_TXT24 parameter, followed by a direct request from the same client to English/pages_MacUS/lan_set_content.html. This two-step sequence is the DoS trigger; neither request on its own is.
  • Monitor HTTP POST/GET requests to 'English/pages_MacUS/cgi_lan.cgi' on Canon printer management interfaces (typically port 80). Flag anomalous or oversized LAN_TXT24 values; if the parameter is submitted in a POST body, plain access logs will not show it and a proxy or IDS with body inspection is needed.
  • A successful exploit hangs the device (the CVE text does not say whether it recovers without a power cycle). A sudden loss of the printer's HTTP management interface availability may therefore indicate exploitation.
  • Canon's official position is that the vulnerability is only relevant if printers are exposed outside a secured, segmented network; any printer reachable from an untrusted network segment, including a flat office LAN, remains at risk.
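The detection logic above, as an added example that is not part of the original page or of any vendor or CISA material: a small Python correlator that reads access-log lines, flags oversized LAN_TXT24 values, and raises a separate alert when a cgi_lan.cgi request carrying LAN_TXT24 is followed by a lan_set_content.html request from the same client. The log format (combined-style with the query string visible in the request line), the 60-second correlation window, the 64-character "oversized" threshold and the sample log lines are all assumptions made for the example; the CVE text gives neither the vulnerable length nor a timing window.

```python
import re
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Endpoints named in the CVE text, prefixed with "/" as they appear in a request line.
CGI_PATH = "/English/pages_MacUS/cgi_lan.cgi"
TRIGGER_PATH = "/English/pages_MacUS/lan_set_content.html"
PARAM = "LAN_TXT24"

# Assumed tuning knobs (not from the advisory): how long after the cgi_lan.cgi
# request a lan_set_content.html request still counts as the second step, and
# what value length counts as "oversized".
WINDOW_SECONDS = 60
OVERSIZE_THRESHOLD = 64

# Combined-style access log; the query string must be visible in the request line
# for the parameter check to work (POST bodies need a proxy/IDS with body capture).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one access-log line into a dict; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = urlsplit(m.group("target"))
    return {
        "client": m.group("client"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "method": m.group("method"),
        "path": target.path,
        "params": parse_qs(target.query, keep_blank_values=True),
    }


def detect(lines):
    """Return alerts for oversized LAN_TXT24 values and for the two-step request sequence."""
    pending = {}  # client -> (timestamp, LAN_TXT24 value) of its latest cgi_lan.cgi request
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        client, ts, path = rec["client"], rec["ts"], rec["path"]
        if path == CGI_PATH and PARAM in rec["params"]:
            value = rec["params"][PARAM][0]
            if len(value) > OVERSIZE_THRESHOLD:
                alerts.append({"client": client, "ts": ts,
                               "rule": "oversized_LAN_TXT24", "length": len(value)})
            pending[client] = (ts, value)
        elif path == TRIGGER_PATH and client in pending:
            first_ts, value = pending.pop(client)
            delta = (ts - first_ts).total_seconds()
            if 0 <= delta <= WINDOW_SECONDS:
                # The sequence alone also matches a routine admin change, so carry the
                # parameter size along: an oversized value is the real discriminator.
                alerts.append({"client": client, "ts": ts,
                               "rule": "cve-2013-4615_sequence",
                               "delta_seconds": delta,
                               "oversized": len(value) > OVERSIZE_THRESHOLD})
    return alerts


# Constructed sample log (not a real capture): an attacker with a 200-byte value,
# a routine admin change, a stale pair outside the window, and one unparseable line.
SAMPLE_LOG = [
    '10.0.0.5 - - [21/Jun/2013:10:00:01 +0000] "POST /English/pages_MacUS/cgi_lan.cgi?LAN_TXT24='
    + "A" * 200 + ' HTTP/1.1" 200 512',
    '10.0.0.5 - - [21/Jun/2013:10:00:03 +0000] "GET /English/pages_MacUS/lan_set_content.html HTTP/1.1" 200 1024',
    '10.0.0.20 - - [21/Jun/2013:10:05:00 +0000] "POST /English/pages_MacUS/cgi_lan.cgi?LAN_TXT24=office HTTP/1.1" 200 512',
    '10.0.0.20 - - [21/Jun/2013:10:05:01 +0000] "GET /English/pages_MacUS/lan_set_content.html HTTP/1.1" 200 1024',
    '10.0.0.9 - - [21/Jun/2013:09:00:00 +0000] "POST /English/pages_MacUS/cgi_lan.cgi?LAN_TXT24=lab HTTP/1.1" 200 512',
    '10.0.0.9 - - [21/Jun/2013:10:30:00 +0000] "GET /English/pages_MacUS/lan_set_content.html HTTP/1.1" 200 1024',
    'not an access log line',
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Run against the constructed sample, the attacker produces both an oversized-parameter alert and a sequence alert flagged oversized; the admin change produces only a low-value sequence alert; the stale pair, an hour and a half apart, produces nothing. In a real deployment the sequence rule on its own will fire on every legitimate LAN settings change through the web UI, so route it at low severity and escalate only when the oversized flag is set or the client is not an expected management host.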

CVSS provenance

nvd: v2.0 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat: 5.0 MEDIUM