Detections
Analytics

EPSON WF-2750 Improper Neutralization of Input During Web Page Generation (CVE-2018-14899)

medium Tenable OT Security Plugin ID 505070

Synopsis

The remote OT asset is affected by a vulnerability.

Description

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/

Plugin Details

Severity: Medium

ID: 505070

File Name: tenable_ot_epson_CVE-2018-14899.nasl

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 2/5/2026

Updated: 2/5/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2018-14899

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vulnerability Information

CPE: cpe:/o:epson:wf-2750_firmware:jp02l2

Required KB Items: Tenable.ot/EPSON

Exploit Ease: No known exploits are available

Patch Publication Date: 8/30/2018

Vulnerability Publication Date: 8/30/2018

Reference Information

CVE: CVE-2018-14899

CWE: 79