Published:2006/10/20  Last Updated:2008/05/21

JVN#85996645
NEC MultiWriter 1700C/7500C FTP server vulnerability

Overview

NEC printers contain a vulnerability which allow connection to external FTP servers via the printer's internal FTP server. Although the printer's FTP server can connect to a target FTP server, it cannot send files to a target FTP server.

Products Affected

  • NEC MultiWriter 1700C (model number: PR-L1700C)
  • Network Expansion Card PR-L1700C-MC
  • NEC ColorMultiWriter 7500C (model number: PR-L7500C)
For more information, refer to the vendor's website.

Description

Impact

A remote attacker could possibly conduct a FTP bounce attack via the printer's FTP server against another host.

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
NEC Corporation Vulnerable 2006/10/20

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2006-000737

Update History