CVE-2024-47295

high

Description

Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote unauthenticated attacker to set an arbitrary password and operate the device with an administrative privilege. As for the details of the affected versions, see the information provided by the vendor under [References].

References

https://www.epson.jp/support/misc_t/240930_03_oshirase.htm

https://jvn.jp/en/vu/JVNVU95133448/

https://epson.com/Support/wa00958

Details

Source: Mitre, NVD

Published: 2024-10-01

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00483