PT-2025-26810 · Unknown · Network Printer

Published: 2025-06-25 · Updated: 2025-08-15 · CVE-2024-51977

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Brother, FUJIFILM, RICOH, Toshiba Tec, and Konica Minolta Printers (affected versions not specified)
Description: An unauthenticated attacker with access to the HTTP service (TCP port 80), HTTPS service (TCP port 443), or IPP service (TCP port 631) can leak sensitive information from a vulnerable device. Accessing the URI path /etc/mnt_info.csv via a GET request does not require authentication and returns a comma-separated value (CSV) table containing the device’s model, firmware version, IP address, and serial number. The CrowdSec Network has detected exploitation attempts targeting this issue, affecting over 750 different printer models. The leaked information can be used to generate a valid administrator account.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
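With no fixed version listed, one way to spot requests for the leaked file is to scan web access logs, shown here as an added example that is not part of the original advisory. It assumes a reverse proxy or gateway in front of the printers writes Combined Log Format, and it matches the path from the description written with an underscore (`/etc/mnt_info.csv`); the log lines are constructed samples.

```python
import posixpath
import re
from urllib.parse import unquote

# Path named in the advisory description (underscore form of the file name).
LEAK_PATH = "/etc/mnt_info.csv"

# Combined Log Format: client, identity, user, [time], "request", status, size.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def normalise(target):
    """Reduce a request target to a canonical lower-case path for comparison."""
    target = re.sub(r"^[a-zA-Z][a-zA-Z0-9+.-]*://[^/]*", "", target)  # absolute-form URI
    path = target.split("?", 1)[0].split("#", 1)[0]
    for _ in range(2):                      # undo single and double percent-encoding
        path = unquote(path)
    path = re.sub(r"/+", "/", path)         # collapse repeated slashes
    # Lower-casing is an assumption: it may over-match, which is acceptable for alerting.
    return posixpath.normpath(path).lower()  # normpath resolves "." and ".." segments

def find_leak_requests(lines):
    """Return one record per GET request whose normalised path is LEAK_PATH."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        if normalise(m["target"]) == LEAK_PATH:
            # A 200 means the device (or proxy) actually returned the CSV.
            hits.append({"client": m["client"], "time": m["ts"],
                         "served": m["status"] == "200"})
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Jun/2025:10:01:02 +0000] "GET /etc/mnt_info.csv HTTP/1.1" 200 512',
    '203.0.113.9 - - [25/Jun/2025:10:05:40 +0000] "GET /etc/%6Dnt_info.csv?x=1 HTTP/1.1" 200 512',
    '203.0.113.9 - - [25/Jun/2025:10:05:41 +0000] "GET //etc/./mnt_info.csv HTTP/1.1" 404 0',
    '192.0.2.15 - - [25/Jun/2025:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 4096',
    '192.0.2.15 - - [25/Jun/2025:10:07:05 +0000] "POST /etc/mnt_info.csv HTTP/1.1" 405 0',
]

if __name__ == "__main__":
    for hit in find_leak_requests(SAMPLE_LOG):
        print(hit)
```

Records with `served` set to true are the ones to triage first, since the device details in the CSV should then be treated as disclosed to that client.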

Related Identifiers: CVE-2024-51977

Affected Products: Network Printer