ГлавнаяУязвимости → CVE-2026-23767
9.8критическая

CVE-2026-23767

Описание

ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.

Затрагиваемое ПО
Epson Sb-h50 firmwareEpson Sb-h50Epson Tm-h6000v firmwareEpson Tm-h6000vEpson Tm-l100 firmwareEpson Tm-l100Epson Tm-m10 firmwareEpson Tm-m10Epson Tm-m30 firmwareEpson Tm-m30Epson Tm-m30ii firmwareEpson Tm-m30iiEpson Tm-m30ii-h firmwareEpson Tm-m30ii-hEpson Tm-m30ii-s firmwareEpson Tm-m30ii-sEpson Tm-m30ii-sl firmwareEpson Tm-m30ii-slEpson Tm-m30iii firmwareEpson Tm-m30iiiEpson Tm-m30iii-h firmwareEpson Tm-m30iii-hEpson Tm-m55 firmwareEpson Tm-m55Epson Tm-p20ii firmware
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdfhttps://jvn.jp/en/ta/JVNTA97995322/https://www.epson.jp/support/misc_t/260305_oshirase.htm