Zum Hauptinhalt gehen

Security Announcement

Cross-Site Scripting (XSS) Vulnerability in Embedded Web Server on MFPs/Printers
Dear Customers,

The vulnerability was found in the Embedded Web Server* installed in below MFPs and Printers.

*Note: Embedded Web Server refers to the web home page that is installed in the MFP/Printer from which you can verify the operating status of the machine and make settings related to security, network printing, e-mail transmission and advanced networking.

A malicious attacker could cause arbitrary scripting code to be executed on the clientside web browser while the user is accessing the Embedded Web Server.

To avoid such an effect, please do not access other web sites when accessing the Embedded Web Server.
Products

  • CD 5240 / DC 6240 / CD 5140 / DC 6140
  • CD5030 / DC6030 / CD 5025 / DC6025 / CD 5025P / DC 6025P

For more information, please contact your local dealer.