CVE-2008-0303

critical

Description

The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.

References

http://www.usa.canon.com/html/security/pdf/CVA-001.pdf

http://www.securityfocus.com/bid/28042

http://www.kb.cert.org/vuls/id/568073

http://securitytracker.com/id?1019528

http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000013.html

http://jvn.jp/en/jp/JVN10056705/index.html

http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack

Details

Source: Mitre, NVD

Published: 2008-02-29

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01446

Detections

Analytics