VYPR
Vendor

Canon

Products
78
CVEs
92
Across products
132
Status
Private

Products

78
View all 78 products →

Recent CVEs

92
View all 92 CVEs →
  • CVE-2024-2184CriMar 11, 2024
    risk 0.64cvss 9.8epss 0.01

    Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C…

  • CVE-2018-12049CriJun 8, 2018
    risk 0.64cvss 9.8epss 0.05

    A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps…

  • CVE-2018-12048CriJun 8, 2018
    risk 0.64cvss 9.8epss 0.05

    A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the…

  • CVE-2018-11711CriJun 4, 2018
    risk 0.64cvss 9.8epss 0.05

    A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a…

  • CVE-2018-11692CriJun 4, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor reportedly responded that this issue occurs when a…

  • CVE-2025-1268CriMar 31, 2025
    risk 0.61cvss 9.4epss 0.01

    Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer…

  • CVE-2025-11843HigOct 31, 2025
    risk 0.57cvss epss 0.00

    Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API…

  • CVE-2025-3079HigMay 20, 2025
    risk 0.57cvss 8.7epss 0.01

    A passback vulnerability which relates to office/small office multifunction printers and laser printers.

  • CVE-2026-32679HigApr 23, 2026
    risk 0.51cvss 7.8epss 0.00

    The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a…

  • CVE-2025-47422HigJul 8, 2025
    risk 0.49cvss 7.5epss 0.00

    Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM.…

  • CVE-2026-9261MedJun 16, 2026
    risk 0.44cvss 6.8epss 0.00

    Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier

  • CVE-2026-1585MedFeb 27, 2026
    risk 0.44cvss 6.7epss 0.00

    An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions 1.1.2 through 1.5.0 may allow a local attacker to execute a malicious file with the privileges of the affected service.

  • CVE-2018-12111MedJun 11, 2018
    risk 0.43cvss 6.1epss 0.02

    Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.

  • CVE-2026-9262MedJun 16, 2026
    risk 0.42cvss 6.5epss 0.00

    Use of a non-secure protocol as the default FTP configuration in Canon EOS Network Setting Tool Version 1.5.0 or earlier

  • CVE-2026-9259MedJun 16, 2026
    risk 0.42cvss 6.5epss 0.00

    Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier

  • CVE-2026-9258MedJun 16, 2026
    risk 0.42cvss 6.5epss 0.00

    Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier

  • CVE-2026-9260MedJun 16, 2026
    risk 0.40cvss 6.2epss 0.00

    Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier

  • CVE-2025-9903MedSep 29, 2025
    risk 0.38cvss 5.9epss 0.00

    Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer…

  • CVE-2025-7698MedSep 29, 2025
    risk 0.38cvss 5.9epss 0.00

    Out-of-bounds read vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer…

  • CVE-2025-9904MedSep 29, 2025
    risk 0.34cvss 5.3epss 0.00

    Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2…