VYPR

Vendor CVEs

Epson

All CVEs

43 total · sorted by risk
  • CVE-2025-64310CriNov 21, 2025
    risk 0.64cvss 9.8epss 0.00

    EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.

  • CVE-2017-12861CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.03

    The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors supporting the "EasyMP"…

  • CVE-2017-12860CriOct 10, 2017
    risk 0.64cvss 9.8epss 0.03

    The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.In addition to the password, each projector…

  • CVE-2023-7326HigNov 12, 2025
    risk 0.57cvss epss 0.00

    The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory…

  • CVE-2019-20460HigNov 7, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW…

  • CVE-2019-20458HigNov 7, 2024
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes (and functions) without a password. The user is at no point prompted to set up a password on the device (leaving a number of devices without a password). In this case,…

  • CVE-2019-20459HigNov 7, 2024
    risk 0.55cvss 8.4epss 0.00

    An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or…

  • CVE-2024-47295HigOct 1, 2024
    risk 0.53cvss 8.1epss 0.01

    Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote unauthenticated attacker to set an arbitrary password and operate the device with an administrative privilege. As for the details of the affected versions, see the information provided by the…

  • CVE-2025-4960HigFeb 19, 2026
    risk 0.51cvss 7.8epss 0.00

    The com.epson.InstallNavi.helper tool, deployed with the EPSON printer driver installer, contains a local privilege escalation vulnerability due to multiple flaws in its implementation. It fails to properly authenticate clients over the XPC protocol and does not correctly…

  • CVE-2020-37064HigFeb 1, 2026
    risk 0.51cvss 7.8epss 0.00

    EPSON EasyMP Network Projection 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON Projector\EasyMP Network…

  • CVE-2020-36984HigJan 28, 2026
    risk 0.51cvss 7.8epss 0.00

    EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\EPSON_P2B\Printer Software\Status Monitor\ to inject…

  • CVE-2020-36975HigJan 27, 2026
    risk 0.51cvss 7.8epss 0.00

    EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common…

  • CVE-2021-47898HigJan 23, 2026
    risk 0.51cvss 7.8epss 0.00

    Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in intermediate directories to gain elevated system access.

  • CVE-2025-42598HigApr 28, 2025
    risk 0.51cvss 7.8epss 0.00

    Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may…

  • CVE-2026-39047HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.01

    Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Printing Service (JetDirect) on TCP port 9100

  • CVE-2018-14903HigAug 30, 2018
    risk 0.49cvss 7.5epss 0.01

    EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.

  • CVE-2018-14901HigAug 30, 2018
    risk 0.49cvss 7.5epss 0.01

    The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.

  • CVE-2018-14900HigAug 30, 2018
    risk 0.49cvss 7.5epss 0.01

    On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.

  • CVE-2025-66635HigDec 16, 2025
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under [References].

  • CVE-2018-5550MedFeb 8, 2018
    risk 0.43cvss 6.1epss 0.37

    Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.

  • CVE-2017-6443MedMar 15, 2017
    risk 0.43cvss 6.1epss 0.03

    Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.

  • CVE-2018-14899MedAug 30, 2018
    risk 0.40cvss 6.1epss 0.01

    On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.

  • CVE-2026-23767Mar 5, 2026
    risk 0.00cvss epss 0.00

    ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or…

  • CVE-2023-38556Aug 2, 2023
    risk 0.00cvss epss 0.01

    Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is…

  • CVE-2023-27520Apr 11, 2023
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. [Note] Web Config is the…

  • CVE-2023-23572Apr 11, 2023
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. [Note] Web Config is the software that allows users to check the status and change the…

  • CVE-2022-36133Nov 25, 2022
    risk 0.00cvss epss 0.01

    The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500 allows authentication bypass.

  • CVE-2020-9453Feb 5, 2021
    risk 0.00cvss epss 0.00

    In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. (0x9C402402 has only a NULL pointer…

  • CVE-2020-9014Feb 5, 2021
    risk 0.00cvss epss 0.00

    In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of service (BSOD) via crafted input to the virtual audio device driver with IOCTL 0x9C402402, 0x9C402406, or 0x9C40240A. \Device\EMPNSAUIO and \DosDevices\EMPNSAU are similarly…

  • CVE-2020-5681Dec 24, 2020
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified…

  • CVE-2020-28931Dec 16, 2020
    risk 0.00cvss epss 0.01

    Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by visiting a malicious website.

  • CVE-2020-28930Dec 16, 2020
    risk 0.00cvss epss 0.01

    A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.

  • CVE-2020-28929Dec 16, 2020
    risk 0.00cvss epss 0.01

    Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.

  • CVE-2020-5674Nov 24, 2020
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2020-6091May 22, 2020
    risk 0.00cvss epss 0.02

    An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An…

  • CVE-2018-0689Jan 9, 2019
    risk 0.00cvss epss 0.02

    HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions…

  • CVE-2018-0688Jan 9, 2019
    risk 0.00cvss epss 0.01

    Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions…

  • CVE-2018-19232Dec 24, 2018
    risk 0.00cvss epss 0.01

    The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to cause a denial of service via a FIRMWAREUPDATE GET request, as demonstrated by the /DOWN/FIRMWAREUPDATE/ROM1 URI.

  • CVE-2018-18960Dec 24, 2018
    risk 0.00cvss epss 0.01

    An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find certain devices on the network, but the default version is v2c, allowing an amplification attack.

  • CVE-2018-19248Dec 24, 2018
    risk 0.00cvss epss 0.01

    The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI…

  • CVE-2018-18959Dec 24, 2018
    risk 0.00cvss epss 0.01

    An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATION/BONJOUR is more than 251 bytes when sending data for Air Print Setting, then…

  • CVE-2015-6034Oct 28, 2015
    risk 0.00cvss epss 0.00

    EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file.

  • CVE-2010-3920Dec 8, 2010
    risk 0.00cvss epss 0.00

    The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access…