CVE & CISA-KEV Catalog

CVE-2018-0689

HIGHEPSS 74th pctl
8.8
CVSS v3
NVD

Description

HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 June 19, EP-707A firmware versions released prior to 2017 August 1, EP-708A firmware versions released prior to 2017 August 7, EP-709A firmware versions released prior to 2017 June 12, EP-777A firmware versions released prior to 2017 August 1, EP-807AB/AW/AR firmware versions released prior to 2017 August 1, EP-808AB/AW/AR firmware versions released prior to 2017 August 7, EP-879AB/AW/AR firmware versions released prior to 2017 June 12, EP-907F firmware versions released prior to 2017 August 1, EP-977A3 firmware versions released prior to 2017 August 1, EP-978A3 firmware versions released prior to 2017 August 7, EP-979A3 firmware versions released prior to 2017 June 12, EP-M570T firmware versions released prior to 2017 September 6, EW-M5071FT firmware versions released prior to 2017 November 2, EW-M660FT firmware versions released prior to 2018 April 19, EW-M770T firmware versions released prior to 2017 September 6, PF-70 firmware versions released prior to 2018 April 20, PF-71 firmware versions released prior to 2017 July 18, PF-81 firmware versions released prior to 2017 September 14, PX-048A firmware versions released prior to 2017 July 4, PX-049A firmware versions released prior to 2017 September 11, PX-437A firmware versions released prior to 2017 July 24, PX-M350F firmware versions released prior to 2018 February 23, PX-M5040F firmware versions released prior to 2017 November 20, PX-M5041F firmware versions released prior to 2017 November 20, PX-M650A firmware versions released prior to 2017 October 17, PX-M650F firmware versions released prior to 2017 October 17, PX-M680F firmware versions released prior to 2017 June 29, PX-M7050F firmware versions released prior to 2017 October 13, PX-M7050FP firmware versions released prior to 2017 October 13, PX-M7050FX firmware versions released prior to 2017 November 7, PX-M7070FX firmware versions released prior to 2017 April 27, PX-M740F firmware versions released prior to 2017 December 4, PX-M741F firmware versions released prior to 2017 December 4, PX-M780F firmware versions released prior to 2017 June 29, PX-M781F firmware versions released prior to 2017 June 27, PX-M840F firmware versions released prior to 2017 November 16, PX-M840FX firmware versions released prior to 2017 December 8, PX-M860F firmware versions released prior to 2017 October 25, PX-S05B/W firmware versions released prior to 2018 March 9, PX-S350 firmware versions released prior to 2018 February 23, PX-S5040 firmware versions released prior to 2017 November 20, PX-S7050 firmware versions released prior to 2018 February 21, PX-S7050PS firmware versions released prior to 2018 February 21, PX-S7050X firmware versions released prior to 2017 November 7, PX-S7070X firmware versions released prior to 2017 April 27, PX-S740 firmware versions released prior to 2017 December 3, PX-S840 firmware versions released prior to 2017 November 16, PX-S840X firmware versions released prior to 2017 December 8, PX-S860 firmware versions released prior to 2017 December 7) may allow a remote attackers to lead a user to a phishing site or execute an arbitrary script on the user's web browser.

How to fix

Remediation Available
ds-570w firmwareNVD
Affected:< 2018-03-13Fixed in:2018-03-13CVE-2018-0689derived from NVD
ds-780n firmwareNVD
Affected:< 2018-03-13Fixed in:2018-03-13CVE-2018-0689derived from NVD
ep-10va firmwareNVD
Affected:< 2017-09-04Fixed in:2017-09-04CVE-2018-0689derived from NVD
ep-30va firmwareNVD
Affected:< 2017-06-19Fixed in:2017-06-19CVE-2018-0689derived from NVD
ep-707a firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-708a firmwareNVD
Affected:< 2017-08-07Fixed in:2017-08-07CVE-2018-0689derived from NVD
ep-709a firmwareNVD
Affected:< 2017-06-12Fixed in:2017-06-12CVE-2018-0689derived from NVD
ep-777a firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-807ab firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-807ar firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-807aw firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-808ab firmwareNVD
Affected:< 2017-08-07Fixed in:2017-08-07CVE-2018-0689derived from NVD
ep-808ar firmwareNVD
Affected:< 2017-08-07Fixed in:2017-08-07CVE-2018-0689derived from NVD
ep-808aw firmwareNVD
Affected:< 2017-08-07Fixed in:2017-08-07CVE-2018-0689derived from NVD
ep-879ab firmwareNVD
Affected:< 2017-06-12Fixed in:2017-06-12CVE-2018-0689derived from NVD
ep-879ar firmwareNVD
Affected:< 2017-06-12Fixed in:2017-06-12CVE-2018-0689derived from NVD
ep-879aw firmwareNVD
Affected:< 2017-06-12Fixed in:2017-06-12CVE-2018-0689derived from NVD
ep-907f firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-977a3 firmwareNVD
Affected:< 2017-08-01Fixed in:2017-08-01CVE-2018-0689derived from NVD
ep-978a3 firmwareNVD
Affected:< 2017-08-07Fixed in:2017-08-07CVE-2018-0689derived from NVD
ep-979a3 firmwareNVD
Affected:< 2017-06-12Fixed in:2017-06-12CVE-2018-0689derived from NVD
ep-m570t firmwareNVD
Affected:< 2017-09-06Fixed in:2017-09-06CVE-2018-0689derived from NVD
ew-m5071ft firmwareNVD
Affected:< 2017-11-02Fixed in:2017-11-02CVE-2018-0689derived from NVD
ew-m660ft firmwareNVD
Affected:< 2018-04-19Fixed in:2018-04-19CVE-2018-0689derived from NVD
ew-m770t firmwareNVD
Affected:< 2017-09-06Fixed in:2017-09-06CVE-2018-0689derived from NVD
pf-70 firmwareNVD
Affected:< 2018-04-20Fixed in:2018-04-20CVE-2018-0689derived from NVD
pf-71 firmwareNVD
Affected:< 2017-07-18Fixed in:2017-07-18CVE-2018-0689derived from NVD
pf-81 firmwareNVD
Affected:< 2017-09-14Fixed in:2017-09-14CVE-2018-0689derived from NVD
px-048a firmwareNVD
Affected:< 2017-07-04Fixed in:2017-07-04CVE-2018-0689derived from NVD
px-049a firmwareNVD
Affected:< 2017-09-11Fixed in:2017-09-11CVE-2018-0689derived from NVD
px-437a firmwareNVD
Affected:< 2017-07-24Fixed in:2017-07-24CVE-2018-0689derived from NVD
px-m350f firmwareNVD
Affected:< 2018-02-23Fixed in:2018-02-23CVE-2018-0689derived from NVD
px-m5040f firmwareNVD
Affected:< 2017-11-20Fixed in:2017-11-20CVE-2018-0689derived from NVD
px-m5041f firmwareNVD
Affected:< 2017-11-20Fixed in:2017-11-20CVE-2018-0689derived from NVD
px-m650a firmwareNVD
Affected:< 2017-10-17Fixed in:2017-10-17CVE-2018-0689derived from NVD
px-m650f firmwareNVD
Affected:< 2017-10-17Fixed in:2017-10-17CVE-2018-0689derived from NVD
px-m680f firmwareNVD
Affected:< 2017-06-29Fixed in:2017-06-29CVE-2018-0689derived from NVD
px-m7050f firmwareNVD
Affected:< 2017-10-13Fixed in:2017-10-13CVE-2018-0689derived from NVD
px-m7050fp firmwareNVD
Affected:< 2017-10-13Fixed in:2017-10-13CVE-2018-0689derived from NVD
px-m7050fx firmwareNVD
Affected:< 2017-11-07Fixed in:2017-11-07CVE-2018-0689derived from NVD
px-m7070fx firmwareNVD
Affected:< 2017-04-27Fixed in:2017-04-27CVE-2018-0689derived from NVD
px-m740f firmwareNVD
Affected:< 2017-06-29Fixed in:2017-06-29CVE-2018-0689derived from NVD
px-m781f firmwareNVD
Affected:< 2017-06-27Fixed in:2017-06-27CVE-2018-0689derived from NVD
px-m840f firmwareNVD
Affected:< 2017-11-16Fixed in:2017-11-16CVE-2018-0689derived from NVD
px-m840fx firmwareNVD
Affected:< 2017-12-08Fixed in:2017-12-08CVE-2018-0689derived from NVD
px-m860f firmwareNVD
Affected:< 2017-10-25Fixed in:2017-10-25CVE-2018-0689derived from NVD
px-s05b firmwareNVD
Affected:< 2018-03-09Fixed in:2018-03-09CVE-2018-0689derived from NVD
px-s05w firmwareNVD
Affected:< 2018-03-09Fixed in:2018-03-09CVE-2018-0689derived from NVD
px-s350 firmwareNVD
Affected:< 2018-02-23Fixed in:2018-02-23CVE-2018-0689derived from NVD
px-s5040 firmwareNVD
Affected:< 2017-11-20Fixed in:2017-11-20CVE-2018-0689derived from NVD
px-s7050 firmwareNVD
Affected:< 2018-02-21Fixed in:2018-02-21CVE-2018-0689derived from NVD
px-s7050ps firmwareNVD
Affected:< 2018-02-21Fixed in:2018-02-21CVE-2018-0689derived from NVD
px-s7050x firmwareNVD
Affected:< 2017-11-07Fixed in:2017-11-07CVE-2018-0689derived from NVD
px-s7070x firmwareNVD
Affected:< 2017-04-27Fixed in:2017-04-27CVE-2018-0689derived from NVD
px-s740 firmwareNVD
Affected:< 2017-12-03Fixed in:2017-12-03CVE-2018-0689derived from NVD
px-s840 firmwareNVD
Affected:< 2017-11-16Fixed in:2017-11-16CVE-2018-0689derived from NVD
px-s840x firmwareNVD
Affected:< 2017-12-08Fixed in:2017-12-08CVE-2018-0689derived from NVD
px-s860 firmwareNVD
Affected:< 2017-12-07Fixed in:2017-12-07CVE-2018-0689derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploit Intelligence

1.65%probability of exploitation in 30 days
74thpercentile

Elevated risk: more likely to be exploited than 74% of all known CVEs.

References

Vendor Advisory1
Third-Party Advisory1
Embed a live status badge for CVE-2018-0689
CVE-2018-0689 severity badge

Markdown

[![CVE-2018-0689](https://tridentstack.com/cve/badge/CVE-2018-0689.svg)](https://tridentstack.com/cve/CVE-2018-0689)

HTML

<a href="https://tridentstack.com/cve/CVE-2018-0689"><img src="https://tridentstack.com/cve/badge/CVE-2018-0689.svg" alt="CVE-2018-0689"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.