CVE-2026-1789 | THREATINT

Description

A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.

PUBLISHED Reserved 2026-02-03 | Published 2026-04-23 | Updated 2026-04-24 | Assigner Canon

MEDIUM: 4.9CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-807: Reliance on Untrusted Inputs in a Security Decision

Product status

all version

affected

all version

affected

all version

affected

all version

affected

v15.00 or earlier

affected

v8.12 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

v16.04 or earlier

affected

References

psirt.canon/advisory-information/cp2026-003/ vendor-advisory

canon.jp/support/support-info/260423vulnerability-response vendor-advisory

www.usa.canon.com/...nters-and-office-multifunction-printers vendor-advisory

www.canon-europe.com/support/product-security/ vendor-advisory

cve.org (CVE-2026-1789)

nvd.nist.gov (CVE-2026-1789)

Download JSON