Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Canon PIXMA MX722 Information Disclosure

Medium

Synopsis

A networked Canon PIXMA printer was detected with insecure settings.

Description

The Canon PIXMA is prone to information disclosure due to its unencrypted traffic when responding to a request from a web client. Furthermore, no authentication was detected to process this request (i.e., the admin password was not set). Any unauthenticated user on the same network would be able to sniff the network settings, including the wifi password if used.

Solution

The vendor has not issued any updates, but this vulnerability may be somewhat mitigated by setting the admin password on the Canon printer device.