CVE-2018-19248

Name of the Vulnerable Software and Affected Versions Epson WorkForce WF-2861 version 10.48 LQ22I3(Recovery-mode) Epson WorkForce WF-2861 version 10.51.LQ20I6 Epson WorkForce WF-2861 version 10.52.LQ17IA

Description The issue allows remote attackers to upload a firmware file and reset the printer without authentication. This is achieved by making a request to the "DOWN/FIRMWAREUPDATE/ROM1" API endpoint and a POST request to the "FIRMWAREUPDATE" API endpoint.

Recommendations For Epson WorkForce WF-2861 version 10.48 LQ22I3(Recovery-mode), restrict access to the "DOWN/FIRMWAREUPDATE/ROM1" and "FIRMWAREUPDATE" API endpoints until a patch is available. For Epson WorkForce WF-2861 version 10.51.LQ20I6, restrict access to the "DOWN/FIRMWAREUPDATE/ROM1" and "FIRMWAREUPDATE" API endpoints until a patch is available. For Epson WorkForce WF-2861 version 10.52.LQ17IA, restrict access to the "DOWN/FIRMWAREUPDATE/ROM1" and "FIRMWAREUPDATE" API endpoints until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.