CVE-2019-14339
N/A
N/A
Summary
The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://play.google.com/store/apps/details?id=jp.co.canon.bsd.ad.pixmaprint&hl=en_US
- http://packetstormsecurity.com/files/154266/Canon-PRINT-2.5.5-URI-Injection.html
References
- https://play.google.com/store/apps/details?id=jp.co.canon.bsd.ad.pixmaprint&hl=en_US
- http://packetstormsecurity.com/files/154266/Canon-PRINT-2.5.5-URI-Injection.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.