CWE
79
Advisory Published
Updated

CVE-2021-20877: XSS

First published: Tue Feb 08 2022(Updated: )

Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series (MF113W/MF212W/MF217W/MF227DW/MF229DW, MF232W/MF244DW/MF247DW/MF249DW, MF264DW/MF267DW/MF269DW/MF269DW VP, and MF4570DN/MF4570DW/MF4770N/MF4880DW/MF4890DW) and imageCLASS LBP Series (LBP113W/LBP151DW/LBP162DW ) sold in the US, and iSENSYS (LBP162DW, LBP113W, LBP151DW, MF269dw, MF267dw, MF264dw, MF113w, MF249dw, MF247dw, MF244dw, MF237w, MF232w, MF229dw, MF217w, MF212w, MF4780w, and MF4890dw) and imageRUNNER (2206IF, 2204N, and 2204F) sold in Europe) allows remote attackers to inject an arbitrary script via unspecified vectors.

Credit: vultures@jpcert.or.jp

Affected SoftwareAffected VersionHow to fix
Canon 2204f
Canon 2204n
Canon 2206if
Canon Lbp113w
Canon Lbp151dw
Canon Lbp162
Canon Lbp162dw
Canon Lbp162l
Canon Mf113w
Canon Mf212w
Canon Mf217w
Canon Mf222dw
Canon Mf224dw
Canon Mf227dw
Canon Mf229dw
Canon Mf232w
Canon MF237w
Canon Mf242dw
Canon Mf244dw
Canon Mf245dw
Canon Mf247dw
Canon Mf249dw
Canon Mf262dw
Canon Mf264dw
Canon Mf265dw
Canon Mf267dw
Canon Mf269dw
Canon Mf269dw Vp
Canon Mf4570dn
Canon Mf4570dw
Canon Mf4770n
Canon Mf4780w
Canon Mf4880dw
Canon Mf4890dw

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2021-20877?

    The severity of CVE-2021-20877 is medium with a severity value of 4.8.

  • Which Canon devices are affected by CVE-2021-20877?

    Canon laser printers and small office multifunctional printers including models: LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series (MF113W/MF212W/MF217W/MF227DW/MF229…

  • What is the Common Weakness Enumeration (CWE) for CVE-2021-20877?

    The Common Weakness Enumeration (CWE) for CVE-2021-20877 is CWE-79 (Cross-site Scripting).

  • How severe is the vulnerability in Canon laser printers and small office multifunctional printers?

    The vulnerability in Canon laser printers and small office multifunctional printers is considered medium severity.

  • Where can I find more information about CVE-2021-20877?

    You can find more information about CVE-2021-20877 at the following references: [Link 1](https://cweb.canon.jp/e-support/info/211221xss.html), [Link 2](https://jvn.jp/en/jp/JVN64806328/index.html), [Link 3](https://jvn.jp/jp/JVN64806328/index.html).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203