Web Based Management Vulnerabilities on Brother Machines: CVE-2024-21824 and CVE-2024-22475



Session Management Vulnerability

Vulnerability Reference: CVE-2024-21824

Attackers can gain access to the server's setting screen by obtaining session IDs of logged-in users and impersonating them, or by stealing login credentials and tricking users into opening malicious URLs.

Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21824


Cross-Site Request Forgery (CSRF) Vulnerability

Vulnerability Reference: CVE-2024-22475

If authenticated users unknowingly submit requests to their machines via a malicious site set up for CSRF attacks, attackers may be able to change the Web Based Management settings.

Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22475



Possible Solutions

  1. Click here to see the affected models and their firmware update status.
  2. Update the machine’s firmware using the Firmware Update Tool available in your printer model’s Downloads section.
