id: epson-access-detect info: name: Epson Device Unauthorized Access Detect author: pussycat0x severity: medium description: A publicly available Epson device panel (printer, scanner, etc.) was detected. reference: - https://www.exploit-db.com/ghdb/6922 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 cwe-id: CWE-522 tags: iot,printer,panel,unauth,epson requests: - method: GET path: - "{{BaseURL}}/PRESENTATION/EPSONCONNECT" matchers-condition: and matchers: - type: word words: - "Epson Connect" - "/IMAGE/EPSONLOGO.PNG" condition: and - type: status status: - 200 extractors: - type: regex part: body group: 1 regex: - "([A-Z-0-9]+) Series" # Enhanced by mp on 2022/03/24