CVE-2018-12048

Name of the Vulnerable Software and Affected Versions Canon LBP7110Cw (affected versions not specified)

Description A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for "/checkLogin.cgi" via vectors involving "/portal top.html" to get full access to the device. The vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.