PT-2018-13178 · Dell · Dell 2335Dn

Published: 2018-08-23 · Updated: 2019-10-03 · CVE-2018-15748

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Dell 2335dn printer with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65, and Network Firmware Version V4.02.15(2335dn MFP) 11-22-2010

Description

The admin interface of the affected printer allows an authenticated attacker to retrieve the configured SMTP or LDAP password by viewing the HTML source code of the "Email Settings" webpage. In some cases, authentication can be achieved with the blank default password for the admin account.

Recommendations

For Dell 2335dn printers with the specified firmware versions, consider changing the default admin password to a strong password to prevent unauthorized access. As a temporary workaround, restrict access to the admin interface to minimize the risk of exploitation. Avoid using the default blank password for the admin account.
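
The weakness described above is a settings page that writes a stored credential back into its own form markup. The following audit check is an added example, not part of the advisory or of any Dell code: it scans a saved settings page for credential-like inputs that carry a non-empty `value`. The field names, the hint list and the sample HTML are constructed assumptions, not the printer's actual markup.

```python
from html.parser import HTMLParser

# Assumption: substrings that suggest a form field holds a credential.
SECRET_HINTS = ("pass", "pwd", "secret")


class SecretEchoAuditor(HTMLParser):
    """Collects form inputs whose markup carries a stored credential."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k: (v or "") for k, v in attrs}
        name = a.get("name") or a.get("id") or "<unnamed>"
        ftype = a.get("type", "text").lower()
        value = a.get("value", "")
        looks_secret = ftype == "password" or any(
            hint in name.lower() for hint in SECRET_HINTS)
        # A secret field is safe only when the server renders it empty.
        if looks_secret and value.strip():
            # Record the length only, so the audit log never holds the secret.
            self.findings.append((name, ftype, len(value)))


def audit_html(html):
    """Return (field name, input type, value length) for each echoed secret."""
    auditor = SecretEchoAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page; all names and values are hypothetical.
SAMPLE_PAGE = """
<form>
  <input type="text" name="smtp_server" value="mail.example.test">
  <input type="password" name="smtp_password" value="constructed-secret">
  <input type="hidden" name="ldap_bind_pwd" value="another-constructed">
  <input type="password" name="admin_new_password" value="">
</form>
"""

if __name__ == "__main__":
    for name, ftype, length in audit_html(SAMPLE_PAGE):
        print(f"{name}: type={ftype} echoes a {length}-character value")
```

A page that passes this check renders secret fields empty and treats a blank submission as "keep the stored value".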

Related Identifiers

CVE-2018-15748

Affected Products

Dell 2335Dn