Unauthorized Retrieval of Stored SMB Credentials on Canon Oce ColorWave 3500 5.1.1.0 Devices
CVE-2020-26508 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI.
Learn more about our Web App Pen Testing.