Cross-Site Scripting (XSS) Vulnerability

Vulnerability Reference:

Description: A vulnerability has been identified in some 欧博体育 printers and network interface products in software (Web Config*) that can check the status of the product itself or change settings on a Web browser.

Impact: By accessing a specially crafted page, a script may be embedded in the settings of the product itself through the Web Config of the product in question. Currently, there are no reports of attacks exploiting this vulnerability.

Solution: To ensure the security of your 欧博体育 product, please download and install the latest EPSON Firmware Update for your product by navigating to your product's support page. It is recommeneded to follow one or both of the following procedures to secure your 欧博体育 product.

Product Name	XSS Vulnerability	Countermeasure	Scheduled Firmware Update Release
欧博体育Net 10/100 Base TX USB Print Server (C82402*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base TX USB Print Server (C82403*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx High Speed Int.Print Server (C82405*)	Applicable	Workaround Below	鈥�
欧博体育Net 802.11g wireless Ext. Print Server (C82422*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Int. Print Server 5 (C82434*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Int. Print Server 5e (C82435*)	Applicable	Workaround Below	鈥�
欧博体育Net 802.11b/g Wireless and 10/100 Base Tx Ext. Print Server (C82437*)	Applicable	Workaround Below	鈥�
欧博体育Net Authentication Print (C82440*)	Applicable	Workaround Below	鈥�
欧博体育Net 10 Base 2/T Int. Print Server (C82362*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Ext. Print Server (C82363*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Ext. Print Server (C82364*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx External Print Server (C82378*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Int. Print Server (C82384*)	Applicable	Workaround Below	鈥�
欧博体育Net 10/100 Base Tx Int. Print Server 2 (C82391*)	Applicable	Workaround Below	鈥�
欧博体育Net 802.11b Wireless Ext. Print Server (C82396*)	Applicable	Workaround Below	鈥�
欧博体育Net 802.11b Wireless Ext. Print Server (C82397*)	Applicable	Workaround Below	鈥�
欧博体育Net 802.11b Wireless Ext. Print Server (C82398*)	Applicable	Workaround Below	鈥�
EPSON Network Image Express (B80836*)	Applicable	Workaround Below	鈥�
EPSON Network Image Express Card (B80839*)	Applicable	Workaround Below	鈥�

Workaround Procedure 1:

1. The product should not be directly connected to the Internet and should be installed in a network protected by a firewall.

In that case, please set a private IP address and operate.

2. Set an administrator password for each product.

The administrator password should be a complex string that is difficult for others to guess, such as mixing not only English characters but also symbols and numbers to make it 8 characters or more.

Please check the Security Guidebook .

Workaround Procedure 2:

For the affected products, you can block HTTP access (TCP/80 port) in Web Config.

After configuring the product, block HTTP access (TCP/80 port) to the product with a network device (router or switch).

Open the port only when you need to update the application settings or firmware.

By downloading files from this page, you are agreeing to abide by the terms and conditions of 欧博体育's Software License Agreement.