First published: Fri Jun 01 2018(Updated: )
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Brother Hl-l2340d Firmware | <1.16 | |
Brother Hl-l2340d | ||
Brother Hl-l2380dw Firmware | <1.16 | |
Brother Hl-l2380dw |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-11581 is medium with a severity value of 4.8.
CVE-2018-11581 allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html on Brother HL series printers.
Check the firmware version of your Brother HL series printer. If it is up to version 1.16 (exclusive), it may be affected by CVE-2018-11581.
No, the Brother HL-L2340D printer is not vulnerable to CVE-2018-11581.
Update the firmware of your Brother HL series printer to a version higher than 1.16 (exclusive) to fix CVE-2018-11581.