CWE
287
Advisory Published
Updated

CVE-2017-7588

First published: Wed Apr 12 2017(Updated: )

On certain Brother devices, authorization is mishandled by including a valid AuthCookie cookie in the HTTP response to a failed login attempt. Affected models are: MFC-J6973CDW MFC-J4420DW MFC-8710DW MFC-J4620DW MFC-L8850CDW MFC-J3720 MFC-J6520DW MFC-L2740DW MFC-J5910DW MFC-J6920DW MFC-L2700DW MFC-9130CW MFC-9330CDW MFC-9340CDW MFC-J5620DW MFC-J6720DW MFC-L8600CDW MFC-L9550CDW MFC-L2720DW DCP-L2540DW DCP-L2520DW HL-3140CW HL-3170CDW HL-3180CDW HL-L8350CDW HL-L2380DW ADS-2500W ADS-1000W ADS-1500W.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Brother Mfc Firmware
Brother Mfc-8710dw
Brother Mfc-9130cw
Brother Mfc-9330cdw
Brother Mfc-9340cdw
Brother Mfc-j3720
Brother Mfc-j4420dw
Brother Mfc-j4620dw
Brother Mfc-j5620dw
Brother Mfc-j5910dw
Brother Mfc-j6520dw
Brother Mfc-j6720dw
Brother Mfc-j6920dw
Brother Mfc-j6973cdw
Brother Mfc-l2700dw
Brother Mfc-l2720dw
Brother Mfc-l2740dw
Brother Mfc-l8600cdw
Brother Mfc-l8850cdw
Brother Mfc-l9550cdw
Brother Dcp Firmware
Brother Dcp-l2520dw
Brother Dcp-l2540dw
Brother Ads Firmware
Brother Ads-1000w
Brother Ads-1500w
Brother Ads-2500w
Brother Hl Firmware
Brother Hl-3140cw
Brother Hl-3170cdw
Brother Hl-3180cdw
Brother Hl-l2380dw
Brother Hl-l8350cdw

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203