CVE-2018-12049

Name of the Vulnerable Software and Affected Versions Canon LBP6030w (affected versions not specified)

Description A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for "/checkLogin.cgi" via vectors involving "/portal top.html" to get full access to the device. The vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.