CVE-2024-51981
published 2025-06-25CVE-2024-51981: An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection.
Affected
682 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| brother_industries_ltd | ads-2400n | <= T | — |
| brother_industries_ltd | ads-2800w | <= T | — |
| brother_industries_ltd | ads-3000n | <= T | — |
| brother_industries_ltd | ads-3600w | <= T | — |
| brother_industries_ltd | dcp-1610w | <= ZB | — |
| brother_industries_ltd | dcp-1610we | <= ZB | — |
| brother_industries_ltd | dcp-1610wr | <= ZB | — |
| brother_industries_ltd | dcp-1612w | <= ZB | — |
| brother_industries_ltd | dcp-1612we | <= ZB | — |
| brother_industries_ltd | dcp-1612wr | <= ZB | — |
| brother_industries_ltd | dcp-1615nw | <= S | — |
| brother_industries_ltd | dcp-1616nw | <= S | — |
| brother_industries_ltd | dcp-1617nw | <= S | — |
| brother_industries_ltd | dcp-1618w | <= R | — |
| brother_industries_ltd | dcp-1622we | <= ZB | — |
| brother_industries_ltd | dcp-1623we | <= ZB | — |
| brother_industries_ltd | dcp-1623wr | <= ZB | — |
| brother_industries_ltd | dcp-7090dw | <= M | — |
| brother_industries_ltd | dcp-7180dn | <= R | — |
| brother_industries_ltd | dcp-7189dw | <= R | — |
| brother_industries_ltd | dcp-7190dn | <= V | — |
| brother_industries_ltd | dcp-7190dw | <= M | — |
| brother_industries_ltd | dcp-7195dw | <= R | — |
| brother_industries_ltd | dcp-9030cdn | <= ZE | — |
| brother_industries_ltd | dcp-b7520dw | <= V | — |