CVE-2026-23767
Published 2026-03-05
Priority: P262, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.45% (35.7th percentile)
ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| seiko_epson_corporation | esc_pos | — | — |
Detection & IOCs (extracted from sources)
- Monitor for unauthenticated TCP connections to networked Epson-compatible printers sending crafted ESC/POS command sequences from unexpected sources, as the protocol has no authentication or authorization controls.
- ESC/POS printers exposed on the network should be treated as fully unauthenticated attack surfaces; detect any network-reachable printer accepting raw TCP command streams from non-authorized hosts.
- Look for Metasploit auxiliary module execution patterns targeting printer TCP ports (commonly 9100) with ESC/POS binary command sequences as an indicator of exploitation attempts.
- The ESC/POS protocol by design has no authentication, authorization, encryption, or integrity protection — any network-accessible printer speaking this protocol is inherently vulnerable regardless of firmware version.
- The Metasploit module is classified as Auxiliary (not an exploit), meaning it is used to inject arbitrary ESC/POS print commands rather than achieve code execution on a host OS.
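One way to apply the monitoring guidance above, as an added example that is not part of the original record or any vendor tooling: a triage pass over connection records that flags traffic to the raw-print port from hosts outside an allowlist and notes whether the first payload bytes contain ESC/POS commands. The allowlist, the record format and all addresses are constructed assumptions.

```python
import ipaddress

# Assumption: the only hosts expected to print (e.g. POS terminals); constructed.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/28")]
PRINTER_PORT = 9100  # raw-print TCP port the record names as commonly targeted

# A few standard ESC/POS command prefixes (ESC = 0x1B, GS = 0x1D).
ESCPOS_PREFIXES = {
    b"\x1b\x40": "ESC @ (initialize)",
    b"\x1b\x64": "ESC d (print and feed)",
    b"\x1d\x56": "GS V (paper cut)",
}

def escpos_commands(payload: bytes) -> list[str]:
    """Return names of known ESC/POS commands found in the payload.
    Two-byte substring matching can hit inside image data, so treat a
    match as a hint that raises priority, not as proof."""
    return [name for prefix, name in ESCPOS_PREFIXES.items() if prefix in payload]

def triage(records):
    """Return (src, dst, reason) for print-port connections needing review."""
    alerts = []
    for line in records:
        src, dst, dport, hexpayload = line.split()
        if int(dport) != PRINTER_PORT:
            continue
        addr = ipaddress.ip_address(src)
        if any(addr in net for net in ALLOWED_SOURCES):
            continue  # expected print client
        cmds = escpos_commands(bytes.fromhex(hexpayload))
        if cmds:
            reason = "ESC/POS from unexpected source: " + ", ".join(cmds)
        else:
            reason = "raw TCP from unexpected source"
        alerts.append((src, dst, reason))
    return alerts

# Constructed sample records: "src dst dport first-payload-bytes-hex"
SAMPLE = [
    "10.20.0.5 10.20.1.50 9100 1b4048656c6c6f0a1d5600",  # allowlisted terminal
    "10.99.3.7 10.20.1.50 9100 1b401b6403",              # unexpected, ESC/POS
    "10.99.3.7 10.20.1.51 9100 474554202f",              # unexpected, not ESC/POS
    "10.99.3.7 10.20.1.50 443 160301",                   # different port, ignored
]

if __name__ == "__main__":
    for alert in triage(SAMPLE):
        print(alert)
```

Because the protocol carries no authentication, the source-address allowlist is the only signal separating expected from unexpected clients here; enforcing the same allowlist at the network layer is the corresponding control.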
No detection rules found.
No public exploits indexed.