常见问题解答与故障排除

Web Based Management Vulnerabilities on Brother Machines: CVE-2024-21824 and CVE-2024-22475

Description

Session Management Vulnerability

Vulnerability Reference: CVE-2024-21824

Attackers can gain access to the server's setting screen by obtaining session IDs of logged-in users and impersonating them, or by stealing login credentials and tricking users into opening malicious URLs.

Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21824

Cross-Site Request Forgery (CSRF) Vulnerability
Vulnerability Reference: CVE-2024-22475
If authenticated users unknowingly submit requests to their machines via a malicious site set up for CSRF attacks, it may allow the attackers to change the Web Based Management settings.
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22475

Possible Solutions

Click here to see the affected models and their firmware update status.
Update the machine’s firmware using the Firmware Update Tool available in your printer model’s Downloads section.

您的问题未被解答时，是否查看过其它常见问题解答？

如果需要更多的帮助，请联系 Brother 客户服务中心：

转到“联系我们”

内容反馈

请在下方提供您的反馈，帮助我们改进支持服务。

常见问题解答与故障排除

Web Based Management Vulnerabilities on Brother Machines: CVE-2024-21824 and CVE-2024-22475

您的问题未被解答时，是否查看过其它常见问题解答？

如果需要更多的帮助，请联系 Brother 客户服务中心：

内容反馈

步骤 1：本页上的信息对您有帮助吗？

步骤 2：您是否有其它意见需要添加？

支持与下载

中国(中文)