VYPR

Expression Home XP255

by Epson

CVEs (3)

  • CVE-2019-20460HigNov 7, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW…

  • CVE-2019-20458HigNov 7, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes (and functions) without a password. The user is at no point prompted to set up a password on the device (leaving a number of devices without a password). In this case,…

  • CVE-2019-20459HigNov 7, 2024
    risk 0.55cvss 8.4epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or…