Web Based Management Vulnerabilities on Brother Machines: CVE-2024-21824 and CVE-2024-22475
Description
Session Management Vulnerability
Vulnerability Reference: CVE-2024-21824
Attackers can gain access to the server's setting screen by obtaining session IDs of logged-in users and impersonating them, or by stealing login credentials and tricking users into opening malicious URLs.
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21824
Cross-Site Request Forgery (CSRF) Vulnerability
Vulnerability Reference: CVE-2024-22475
If authenticated users unknowingly submit requests to their machines via a malicious site set up for CSRF attacks, it may allow the attackers to change the Web Based Management settings.
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22475
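As an added illustration (not Brother's firmware or code), the following Python model of a settings endpoint shows the two defences these advisories call for: a session ID that is only ever issued by the server and regenerated at login, so an ID planted through a crafted URL never becomes an authenticated session, and a per-session CSRF token (plus an Origin check) that a third-party page cannot supply. The class name, the `printer.local` hostname and the `wbm_enabled` setting are assumptions.

```python
# Hypothetical stand-in for a device's Web Based Management backend (not Brother code).
# Defence 1 (session fixation/hijack): the session ID is accepted only from the cookie the
#   server itself issued, and a fresh ID is generated at login, so an ID the victim was
#   tricked into carrying via a URL never becomes an authenticated session.
# Defence 2 (CSRF): a settings change must carry the per-session CSRF token that only a
#   page served in that session can read, and the Origin header must be the device itself.
import secrets

DEVICE_ORIGIN = "https://printer.local"   # assumed hostname of the device's web UI


class WebManagement:
    def __init__(self, admin_password):
        self._password = admin_password
        self._sessions = {}                  # session id -> {"user": ..., "csrf": ...}
        self.settings = {"wbm_enabled": True}

    def login(self, password, presented_sid=None):
        """Return a fresh session ID on success. `presented_sid` models an ID the browser
        already holds (e.g. one planted via a crafted link); it is never upgraded."""
        if not secrets.compare_digest(password, self._password):
            return None
        self._sessions.pop(presented_sid, None)   # discard any pre-existing, attacker-known ID
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": "admin", "csrf": secrets.token_urlsafe(32)}
        return sid

    def csrf_token(self, sid):
        """Token embedded in the settings form; readable only by pages served in this session."""
        return self._sessions[sid]["csrf"]

    def change_setting(self, cookie_sid, csrf_token, key, value, origin=None):
        """Models a POST to the settings page. The session ID comes from the cookie only,
        never from the URL; the token must match; a foreign Origin is refused."""
        sess = self._sessions.get(cookie_sid)
        if sess is None:
            return "401 not authenticated"
        if origin is not None and origin != DEVICE_ORIGIN:
            return "403 cross-site origin"
        if csrf_token is None or not secrets.compare_digest(csrf_token, sess["csrf"]):
            return "403 missing or bad CSRF token"
        self.settings[key] = value
        return "200 ok"
```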
Affected models
See the affected-models list for the affected models, their firmware update status, and the correct solution for each model (type A or B).
Possible Solutions
Type A models:
Update the machine’s firmware using the Firmware Update Tool.
Type B models:
- Update the machine’s firmware using the Firmware Update Tool.
- The machine will restart.
- Follow the instructions below to disable Web Based Management.
LCD models:
When the machine is in the standby mode, follow these steps to disable Web Based Management from the machine's LCD:
Menu > 6*. Network > 4*. Web Based Management > OFF
(* The numbers may vary depending on your model.)
LED models (HL-12 series):
- Close the top cover (if open) and unplug the machine.
- Press and hold the power button while plugging the power cable back into the outlet.
  All LEDs will light up.
- Still pressing and holding the power button, open the top cover, and then close it again.
  The Error LED will turn off.
- Release the power button.
  All LEDs will turn off.
- Press the power button 5 times.
  The power LED will light up each time the power button is pressed.
- Wait for approximately 1 minute.
- Web Based Management is now disabled.
  You can confirm this by printing the "Printer Setting" page and checking the following setting:
  [Network Configuration] > [Web Based Management: Enabled/Disabled]
- Follow the same steps to enable Web Based Management.
- To reduce the likelihood of such attacks, keep Web Based Management disabled, enable it only when you need to use it, and disable it again afterwards.