Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-2146

CVSS 9.8 · Critical EPSS 0.63% · P70
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-2146

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw/Satera MF551dw/Satera MF457dw firmware v05.07 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw/imageCLASS MF455dw/imageCLASS MF453dw/imageCLASS MF452dw/imageCLASS MF451dw/imageCLASS LBP237dw/imageCLASS LBP236dw/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II/imageCLASS X LBP1238 II firmware v05.07 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw/i-SENSYS MF553dw/i-SENSYS MF552dw/i-SENSYS MF455dw/i-SENSYS MF453dw/i-SENSYS LBP236dw/i-SENSYS LBP233dw/imageRUNNER 1643iF II/imageRUNNER 1643i II/i-SENSYS X 1238iF II/i-SENSYS X 1238i II/i-SENSYS X 1238P II/i-SENSYS X 1238Pr II firmware v05.07 and earlier sold in Europe.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存写
Source: NVD (National Vulnerability Database)
Vulnerability Title
Canon Small Office Multifunction Printers 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Canon Small Office Multifunction Printers是日本佳能(Canon)公司的一款小型办公多功能打印机。 Canon Small Office Multifunction Printers存在缓冲区错误漏洞,该漏洞源于WebService Authentication处理存在缓冲区溢出,可能导致执行任意代码或设备无响应。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Canon Inc.Satera MF656Cdw 05.07 and earlier -
Canon Inc.Satera MF654Cdw 05.07 and earlier -
Canon Inc.Satera MF551dw 05.07 and earlier -
Canon Inc.Satera MF457dw 05.07 and earlier -
Canon Inc.Color imageCLASS MF656Cdw 05.07 and earlier -
Canon Inc.Color imageCLASS MF654Cdw 05.07 and earlier -
Canon Inc.Color imageCLASS MF653Cdw 05.07 and earlier -
Canon Inc.Color imageCLASS MF652Cdw 05.07 and earlier -
Canon Inc.Color imageCLASS LBP633Cdw 05.07 and earlier -
Canon Inc.Color imageCLASS LBP632Cdw 05.07 and earlier -
Canon Inc.imageCLASS MF455dw 05.07 and earlier -
Canon Inc.imageCLASS MF453dw 05.07 and earlier -
Canon Inc.imageCLASS MF452dw 05.07 and earlier -
Canon Inc.imageCLASS MF451dw 05.07 and earlier -
Canon Inc.imageCLASS LBP237dw 05.07 and earlier -
Canon Inc.imageCLASS LBP236dw 05.07 and earlier -
Canon Inc.imageCLASS X MF1238 II 05.07 and earlier -
Canon Inc.imageCLASS X MF1643i II 05.07 and earlier -
Canon Inc.imageCLASS X MF1643iF II 05.07 and earlier -
Canon Inc.imageCLASS X LBP1238 II 05.07 and earlier -
Canon Inc.i-SENSYS MF657Cdw 05.07 and earlier -
Canon Inc.i-SENSYS MF655Cdw 05.07 and earlier -
Canon Inc.i-SENSYS MF651Cdw 05.07 and earlier -
Canon Inc.i-SENSYS LBP633Cdw 05.07 and earlier -
Canon Inc.i-SENSYS LBP631Cdw 05.07 and earlier -
Canon Inc.i-SENSYS MF553dw 05.07 and earlier -
Canon Inc.i-SENSYS MF552dw 05.07 and earlier -
Canon Inc.i-SENSYS MF455dw 05.07 and earlier -
Canon Inc.i-SENSYS MF453dw 05.07 and earlier -
Canon Inc.i-SENSYS LBP236dw 05.07 and earlier -
Canon Inc.i-SENSYS LBP233dw 05.07 and earlier -
Canon Inc.imageRUNNER 1643iF II 05.07 and earlier -
Canon Inc.imageRUNNER 1643i II 05.07 and earlier -
Canon Inc.i-SENSYS X 1238iF II 05.07 and earlier -
Canon Inc.i-SENSYS X 1238i II 05.07 and earlier -
Canon Inc.i-SENSYS X 1238P II 05.07 and earlier -
Canon Inc.i-SENSYS X 1238Pr II 05.07 and earlier -

II. Public POCs for CVE-2025-2146

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-2146

登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: Satera MF656Cdw
Same vendor: Canon Inc.
Same weakness: CWE-787

V. Comments for CVE-2025-2146

No comments yet

Leave a comment