CVE-2013-4614

English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physically proximate attackers to obtain sensitive information by reading the screen of an unattended workstation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
canonmg3100_printer
-
canonmg5300_printer
-
canonmg6100_printer
-
canonmp340_printer
-
canonmp495_printer
-
canonmx870_printer
-
canonmx890_printer
-
canonmx920_printer
-
canonmx922_printer
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb
http://archives.neohapsis.com/archives/fulldisclosure/2013-06/0146.html
http://www.mattandreko.com/2013/06/canon-y-u-no-security.html
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/canon_wireless.rb