FAQs & Troubleshooting


Web Based Management Vulnerabilities on Brother Machines: CVE-2024-21824 and CVE-2024-22475

Description

Session Management Vulnerability

Vulnerability Reference: CVE-2024-21824

Attackers can gain access to the server's setting screen by obtaining session IDs of logged-in users and impersonating them, or by stealing login credentials and tricking users into opening malicious URLs. 
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21824

 

Cross-Site Request Forgery (CSRF) Vulnerability

Vulnerability Reference: CVE-2024-22475

If authenticated users unknowingly submit requests to their machines via a malicious site set up for CSRF attacks, it may allow the attackers to change the Web Based Management settings.

Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22475

 

Affected models

Click here to see the affected models, their firmware update status, and the correct solution for each model (type A or B).

 

Possible Solutions

Type A models:

Update the machine’s firmware using the Firmware Update Tool.

 

Type B models:

  1. Update the machine’s firmware using the Firmware Update Tool.
  2. The machine will restart.
  3. Follow the instructions below to disable Web Based Management.

    LCD models:
    When the machine is in the standby mode, follow these steps to disable Web Based Management from the machine's LCD:
    Menu > 6*. Network > 4*. Web Based Management > OFF
    (* The numbers may vary depending on your model.)

    LED models (HL-12 series):
    1. Close the top cover (if open) and unplug the machine.
    2. Press and hold the power button while plugging the power cable back into the outlet.
      All LEDs will light up.
    3. Still pressing and holding the power button, open the top cover, and then close it again.
      The Error LED will turn off.
    4. Release the power button.  
      All LEDs will turn off.
    5. Press the power button 5 times. 
      The power LED will light up each time the power button is pressed.
    6. Wait for approximately 1 minute.
    7. Web Based Management is disabled. 
      You can confirm this by printing the "Printer Setting" page and checking the following setting:
      [Network Configuration] > [Web Based Management: Enabled/Disabled]
      • Follow the same steps to enable Web Based Management.
      • To reduce the likelihood of such attacks, make sure Web Based Management remains disabled until you need to use it, and then disable it again. 
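The confirmation in step 7 can also be checked over the network for several machines at once. The script below is an added example, not Brother's code: it assumes Web Based Management is served on TCP ports 80 and 443 and that disabling it closes those ports, and its function names and the host names passed to it are illustrative. A machine that does not answer at all is reported as unverified rather than disabled, so a powered-off printer is not counted as fixed.

```python
import socket
import sys

# Assumption: Web Based Management listens on the standard HTTP/HTTPS ports.
WBM_PORTS = (80, 443)


def probe(host, port, timeout=2.0):
    """Return 'open', 'closed' (connection refused) or 'no-response'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:
        # Timeout, unreachable host or name resolution failure.
        return "no-response"


def classify(port_states):
    """Reduce per-port results to one verdict for the machine."""
    states = set(port_states.values())
    if "open" in states:
        return "exposed"      # a management port still accepts connections
    if states == {"closed"}:
        return "disabled"     # machine answered and refused every port
    return "unverified"       # machine may be off, filtered or unreachable


def audit(hosts, ports=WBM_PORTS, timeout=2.0):
    """Map each host in your own inventory to its verdict."""
    return {
        host: classify({p: probe(host, p, timeout) for p in ports})
        for host in hosts
    }


if __name__ == "__main__":
    # Usage: python wbm_audit.py <printer-host> [<printer-host> ...]
    results = audit(sys.argv[1:])
    for host, verdict in sorted(results.items()):
        print(f"{host}\t{verdict}")
    # Non-zero exit if any machine is not confirmed disabled.
    sys.exit(0 if all(v == "disabled" for v in results.values()) else 1)
```

Machines reported as unverified still need the printed "Printer Setting" page check described in step 7.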
