CVE-2024-51982

{"id": "CVE-2024-51982", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@rapid7.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-06-25T08:15:32.650", "references": [{"url": "https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf", "source": "cve@rapid7.com"}, {"url": "https://github.com/sfewer-r7/BrotherVulnerabilities", "source": "cve@rapid7.com"}, {"url": "https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000", "source": "cve@rapid7.com"}, {"url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.html", "source": "cve@rapid7.com"}, {"url": "https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed", "source": "cve@rapid7.com"}, {"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007", "source": "cve@rapid7.com"}, {"url": "https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@rapid7.com", "description": [{"lang": "en", "value": "CWE-1286"}]}], "descriptions": [{"lang": "en", "value": "An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash."}, {"lang": "es", "value": "Un atacante no autenticado que se conecte al puerto TCP 9100 puede ejecutar un comando de lenguaje de trabajo de impresora (PJL) que bloquear\u00e1 el dispositivo objetivo. Este se reiniciar\u00e1, tras lo cual el atacante puede volver a ejecutar el comando para bloquearlo repetidamente. Una variable PJL mal formada, FORMLINES, se establece en un valor distinto de un n\u00famero, lo que provoca el bloqueo del dispositivo objetivo."}], "lastModified": "2025-06-26T18:58:14.280", "sourceIdentifier": "cve@rapid7.com"}