Command execution vulnerability in Epson WebConfig
Issued: November 28, 2025
• Description:
An administrator password is required to log in to WebConfig.
A malicious third party who obtains the administrator password can execute arbitrary commands by logging in to Web Config and entering a specific string on a specific screen.
• Impact:
The product settings could be reset or ping packets could be sent to other devices.
To date, there are no reports of attacks exploiting this vulnerability.
• Solution:
We strongly recommend applying the fixed firmware or taking the workaround below to mitigate the impact of this vulnerability.
- Apply fixed firmware:
For products that are currently on sale, we have released fixed firmware as listed below. Please download it from the Epson website and apply the update.
- Take workaround:
To ensure the security of your Epson product, we recommend that end users and their administrators implement and maintain industry-standard security controls and practices when setting up and managing passwords and the network to which the product is connected.
<Administrator Password>
✓ Please set a unique password for each product.
✓ The administrator password should be a complex string of characters that is difficult for others to guess, such as eight or more characters that contain not only English letters but also symbols and numbers.
<Internet Connection>
✓ Do not connect the product directly to the Internet; install it within a network protected by a firewall.
✓ Please set a private IP address for the product.
For more information on securing your Epson product, please refer to the “Security Guidelines”.
The security guidelines are available on the following website:
Security for printers and MFPs
Vulnerability in EPSON WebConfig / Epson Web Control for Projector Products
Issued: November 28, 2025
Vulnerability Reference: CVE-2025-64310
Thank you for your continued use of Epson products.
A vulnerability has been identified in some Epson projector products when using the software (EPSON WebConfig / Epson Web Control *1) that allows you to check the status of the product itself or change settings via a web browser.
*1 EPSON WebConfig / Epson Web Control allows the user to check the status of the product or change the settings by entering the IP address of the product in the URL field on a web browser such as Microsoft Edge or Safari.
• Confirmed vulnerabilities
The password authentication (Web Control Password and Remote Password) of the affected product does not have a restriction or lockout mechanism, so an attacker can try an unlimited number of passwords, making the projector vulnerable to brute-force attacks. If the Web Control Password or Remote Password is discovered through a brute-force attack, a third party may be able to take control of the projector.
- Turning the projector on or off, changing the input source, etc.
- Editing content stored on a USB flash drive or SD card. (Content Playback mode compatible models)
- Capturing projected images using Remote Camera Access. (Remote Camera Access compatible models)
- Viewing the projector’s log file saved on a USB flash drive. (Log Save compatible models)
• Impact of vulnerability
Currently, there are no reports of any attacks exploiting this vulnerability.
• Target products and countermeasures
- Products other than those listed in the attached file are not affected as they either do not contain the vulnerabilities or measures have been taken at the time of shipment.
- For products that are currently on sale, we plan to release countermeasure firmware as shown in the attached file. After the firmware is released, and for products for which the firmware has already been released, we strongly recommend that you download it from the Epson website and apply the update.
- For products for which firmware will be released in the future or for which no countermeasure firmware is scheduled to be provided, we strongly recommend that you take the measures described under “Workaround method”.
• Workaround method
- Installation and configuration according to the user’s guide
The product should not be directly connected to the Internet and should be installed in a network protected by a firewall. In that case, assign the product a private IP address.
Set the Web Control Password and Remote Password for each product.
The Web Control Password and Remote Password should each be a complex string that is difficult for others to guess, for example 8 or more characters mixing English letters with symbols and numbers.
- Stronger workaround – Block HTTP (TCP/80 port and TCP/433 port) access to the product
After configuring the product, block HTTP access (TCP/80 port and TCP/433 port) to the product with a network device (router or switch). Open the port only when you need to update the application settings or firmware.
* While the port is blocked, the functions in EPSON WebConfig and Epson Web Control may not be available.
Regarding the Vulnerability Allowing Administrator Login via SNMP Access to Serial Numbers of Printers, Scanners, and Network Interface Products
Issued: November 28, 2025
Thank you for your continued use of Epson products.
A vulnerability has been identified in certain printers, scanners, and network interface products that allows administrator login if the product's serial number is obtained via SNMP.
• Identified Vulnerability
Some printers, scanners, and network interface products use the serial number as the default administrator password. If a malicious third party obtains the serial number via SNMP using tools on the same network, and the password has not been changed from its default value, they may be able to log in as an administrator. This could result in unauthorized control and operation of the device.
• Impact of the Vulnerability
As of now, there have been no confirmed reports of attacks exploiting this vulnerability.
• Workaround
To ensure safe and secure use of our products, please follow the installation and configuration guidelines outlined in Chapter 3 of the Security Guidebook.
・Installation location and Configuration According to the Security Guidebook
1. Administrator password
By accessing a specially crafted page, a script may be embedded in the settings of the product itself through the Web Config of the product in question.
2. Internet Connection
Do not connect the product directly to the internet. Locate the product within a network protected by a firewall, and use a private IP address for operation.
You can check the Security Guidebook [here].
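The password rules in these advisories (the serial number must not remain the administrator password, each product gets its own password, and the password has eight or more characters mixing English letters, symbols and numbers) can be checked mechanically against a credential inventory. The following is an added example, not Epson code; the inventory format, device names, serial numbers and passwords are all constructed for illustration.

```python
import string
from collections import defaultdict

# Constructed sample inventory, e.g. an export from a password vault.
# Process such an export in memory only; do not keep it on disk.
INVENTORY = [
    {"device": "printer-lobby", "serial": "X4AB123456", "password": "X4AB123456"},
    {"device": "printer-lab", "serial": "X4AB654321", "password": "Tr1cky!pass"},
    {"device": "scanner-hr", "serial": "Y7CD000111", "password": "Tr1cky!pass"},
    {"device": "projector-a", "serial": "Z9EF222333", "password": "summer25"},
    {"device": "mfp-finance", "serial": "W2GH444555", "password": "q7#Vd!92xLm"},
]


def is_complex(pw):
    """Eight or more characters with English letters, numbers and symbols."""
    return (
        len(pw) >= 8
        and any(c in string.ascii_letters for c in pw)
        and any(c in string.digits for c in pw)
        and any(c in string.punctuation for c in pw)
    )


def audit(inventory):
    """Return {device: [issues]} for every device that breaks a rule."""
    users_of = defaultdict(list)
    for rec in inventory:
        users_of[rec["password"]].append(rec["device"])

    findings = {}
    for rec in inventory:
        pw, issues = rec["password"], []
        if not pw:
            issues.append("no-password")
        # Default credential: password still equals the serial number,
        # which the advisory says can be read over SNMP.
        elif pw.strip().upper() == rec["serial"].strip().upper():
            issues.append("serial-as-password")
        if len(users_of[pw]) > 1:
            issues.append("shared-password")
        if pw and not is_complex(pw):
            issues.append("weak-password")
        if issues:
            findings[rec["device"]] = issues
    return findings


if __name__ == "__main__":
    for device, issues in audit(INVENTORY).items():
        print(f"{device}: {', '.join(issues)}")
```
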
Vulnerability in Web Config in Printers and Network Interface Products
Thank you for using Epson products.
A vulnerability has been identified in some Epson printers and network interface products in the software (Web Config*) that lets you check the status of the product itself or change settings from a web browser.
* Web Config allows you to check the status of the product or change the settings by entering the IP address of the product in the URL field on a web browser such as Edge or Safari. Web Config may be referred to as Remote Manager in some products.
• Confirmed vulnerabilities
The following two vulnerabilities have been identified.
1. Cross-Site Scripting (XSS) vulnerability
By accessing a specially crafted page, a script may be embedded in the settings of the product itself through the Web Config of the product in question.
2. Cross-Site Request Forgery (CSRF) vulnerability
By accessing a specially crafted page, the settings of the product itself may be changed through the Web Config of the product.
• Impact of vulnerability
Currently, there are no reports of attacks exploiting this vulnerability.
• Target products and countermeasures
・Products other than the following are not affected because they either do not contain the vulnerabilities or measures were taken at the time of shipment.
・For products that are currently on sale, we plan to release countermeasure firmware as follows. After the firmware is released, we strongly recommend that you download it from the Epson website and apply the update.
・For products for which countermeasure firmware has not been supplied or is not scheduled to be supplied, we strongly recommend that you take the measures described under "Workaround method".
Product Name | XSS Vulnerability | CSRF Vulnerability | Countermeasure | Scheduled release |
SC-T3200 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: DN015N5 (MP33.0), 15 June, 2023 |
SC-T5200 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: DM015N5 (MP33.0), 15 June, 2023 |
SC-T7200 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: DW015N5 (MP33.0), 15 June, 2023 |
SC-T5200D Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MM015N5 (MP33.0), 15 June, 2023 |
SC-T7200D Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MW015N5 (MP33.0), 15 June, 2023 |
SC-P5000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: N027N2, 5 April, 2023 |
SC-P7000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LN002N6 (MP24.0), 4 July, 2023 |
SC-P9000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: LW002N6 (MP24.0), 4 July, 2023 |
SC-P6000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: NN002N6 (MP24.0), 4 July, 2023 |
SC-P8000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: NW002N6 (MP24.0), 4 July, 2023 |
SC-P20000 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: FW026N6 (MP28.0), 4 July, 2023 |
SC-S80600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: SA002N6 (MP19.0), 19 June, 2023 |
SC-S60600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: HA027K2, 31 March, 2023 |
SC-S40600 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: BA027K2, 30 March, 2023 |
SC-S60600L Series | Not applicable | Applicable | Apply firmware | F/W Ver.: HC001LA, 31 March, 2023 |
SC-S80600L Series | Not applicable | Applicable | Apply firmware | F/W Ver.: SC002N6 (MP7.00), 19 June, 2023 |
SC-F7200 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: CO011LA, 31 March, 2023 |
SC-F6300 Series | Not applicable | Applicable | Apply firmware | Late-September 2023 |
SC-F9400 Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MT026L5, 31 March, 2023 |
SC-F9400H Series | Not applicable | Applicable | Apply firmware | F/W Ver.: MU026L5, 31 March, 2023 |
SC-F2100 Series | Not applicable | Applicable | Apply firmware | Early-August 2023 |
TM-C7500 | Not applicable | Applicable | Apply firmware | F/W Ver.: WAI34400, 27 March, 2023 |
TM-C3500 | Not applicable | Applicable | Apply firmware | F/W Ver.: WAM32500, 27 March, 2023 |
TM-C3400 | Not applicable | Applicable | Workaround | ― |
TM-C610 | Not applicable | Applicable | Workaround | ― |
PX-B510 | Not applicable | Applicable | Workaround | ― |
PX-B500 | Not applicable | Applicable | Workaround | ― |
StylusPro3800 | Not applicable | Applicable | Workaround | ― |
StylusPro3800C | Not applicable | Applicable | Workaround | ― |
StylusPro3850 | Not applicable | Applicable | Workaround | ― |
StylusPro3880 | Not applicable | Applicable | Workaround | ― |
StylusPro3885 | Not applicable | Applicable | Workaround | ― |
StylusPro3890 | Not applicable | Applicable | Workaround | ― |
StylusPhotoR3000 | Not applicable | Applicable | Workaround | ― |
StylusPhotoR2000 | Not applicable | Applicable | Workaround | ― |
SC-P400 Series | Not applicable | Applicable | Workaround | ― |
SC-P600 Series | Not applicable | Applicable | Workaround | ― |
SC-P800 Series | Not applicable | Applicable | Workaround | ― |
StylusPro4450 | Not applicable | Applicable | Workaround | ― |
StylusPro4880 | Not applicable | Applicable | Workaround | ― |
StylusPro4880C | Not applicable | Applicable | Workaround | ― |
StylusPro7450 | Not applicable | Applicable | Workaround | ― |
StylusPro7880 | Not applicable | Applicable | Workaround | ― |
StylusPro7880C | Not applicable | Applicable | Workaround | ― |
StylusPro9450 | Not applicable | Applicable | Workaround | ― |
StylusPro9880 | Not applicable | Applicable | Workaround | ― |
StylusPro9880C | Not applicable | Applicable | Workaround | ― |
StylusPro11880 | Not applicable | Applicable | Workaround | ― |
StylusPro11880C | Not applicable | Applicable | Workaround | ― |
StylusProGS6000 | Not applicable | Applicable | Workaround | ― |
StylusProWT7900 | Not applicable | Applicable | Workaround | ― |
StylusProWT7910 | Not applicable | Applicable | Workaround | ― |
StylusPro7700 | Not applicable | Applicable | Workaround | ― |
StylusPro7710 | Not applicable | Applicable | Workaround | ― |
StylusPro7700M | Not applicable | Applicable | Workaround | ― |
StylusPro7710M | Not applicable | Applicable | Workaround | ― |
StylusPro9700 | Not applicable | Applicable | Workaround | ― |
StylusPro9710 | Not applicable | Applicable | Workaround | ― |
StylusPro4900 | Not applicable | Applicable | Workaround | ― |
StylusPro4910 | Not applicable | Applicable | Workaround | ― |
StylusPro7890 | Not applicable | Applicable | Workaround | ― |
StylusPro7908 | Not applicable | Applicable | Workaround | ― |
StylusPro7900 | Not applicable | Applicable | Workaround | ― |
StylusPro7910 | Not applicable | Applicable | Workaround | ― |
StylusPro9890 | Not applicable | Applicable | Workaround | ― |
StylusPro9908 | Not applicable | Applicable | Workaround | ― |
StylusPro9900 | Not applicable | Applicable | Workaround | ― |
StylusPro9910 | Not applicable | Applicable | Workaround | ― |
SC-T3000 Series | Not applicable | Applicable | Workaround | ― |
SC-T5000 Series | Not applicable | Applicable | Workaround | ― |
SC-T7000 Series | Not applicable | Applicable | Workaround | ― |
SC-P10000 Series | Not applicable | Applicable | Workaround | ― |
SC-S30600 Series | Not applicable | Applicable | Workaround | ― |
SC-S50600 Series | Not applicable | Applicable | Workaround | ― |
SC-S70600 Series | Not applicable | Applicable | Workaround | ― |
SC-F6000 Series | Not applicable | Applicable | Workaround | ― |
SC-F7000 Series | Not applicable | Applicable | Workaround | ― |
SC-F7100 Series | Not applicable | Applicable | Workaround | ― |
SC-F6200 Series | Not applicable | Applicable | Workaround | ― |
SC-F9200 Series | Not applicable | Applicable | Workaround | ― |
SC-F9300 Series | Not applicable | Applicable | Workaround | ― |
SC-F2000 Series | Not applicable | Applicable | Workaround | ― |
StylusPro9860 | Not applicable | Applicable | Workaround | ― |
StylusPro9906D | Not applicable | Applicable | Workaround | ― |
SC-B7000 Series | Not applicable | Applicable | Workaround | ― |
AcuLaser 2600N | Applicable | Applicable | Workaround | ― |
AcuLaser C1900 | Applicable | Applicable | Workaround | ― |
AcuLaser C2000 | Applicable | Applicable | Workaround | ― |
AcuLaser C2600N | Applicable | Applicable | Workaround | ― |
AcuLaser C2800DN | Applicable | Applicable | Workaround | ― |
AcuLaser C2800N | Applicable | Applicable | Workaround | ― |
AcuLaser C3800DN | Applicable | Applicable | Workaround | ― |
AcuLaser C3800N | Applicable | Applicable | Workaround | ― |
AcuLaser C4000 | Applicable | Applicable | Workaround | ― |
AcuLaser C4100 | Applicable | Applicable | Workaround | ― |
AcuLaser C4200DN | Applicable | Applicable | Workaround | ― |
AcuLaser C8500 | Applicable | Applicable | Workaround | ― |
AcuLaser C9000 | Applicable | Applicable | Workaround | ― |
AcuLaser C9100 | Applicable | Applicable | Workaround | ― |
AcuLaser C9200N | Applicable | Applicable | Workaround | ― |
AcuLaser C9300N | Applicable | Applicable | Workaround | ― |
AcuLaser CX28DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2000DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2010DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2300DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2310DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2400DN | Applicable | Applicable | Workaround | ― |
AcuLaser M2410DN | Applicable | Applicable | Workaround | ― |
AcuLaser M4000N | Applicable | Applicable | Workaround | ― |
AcuLaser M7000N | Applicable | Applicable | Workaround | ― |
AcuLaser M8000N | Applicable | Applicable | Workaround | ― |
AcuLaser MX20DN | Applicable | Applicable | Workaround | ― |
AcuLaser MX21DNF | Applicable | Applicable | Workaround | ― |
AL-C500DN | Applicable | Applicable | Workaround | ― |
EPL-5700 | Applicable | Applicable | Workaround | ― |
EPL-C8200 | Applicable | Applicable | Workaround | ― |
EPL-N2000 | Applicable | Applicable | Workaround | ― |
EPL-N2000K | Applicable | Applicable | Workaround | ― |
EPL-N2050 | Applicable | Applicable | Workaround | ― |
EPL-N2050+ | Applicable | Applicable | Workaround | ― |
EPL-N2700 | Applicable | Applicable | Workaround | ― |
EPL-N2750 | Applicable | Applicable | Workaround | ― |
EPL-N3000 | Applicable | Applicable | Workaround | ― |
EPL-N4000 | Applicable | Applicable | Workaround | ― |
EPL-N4000+ | Applicable | Applicable | Workaround | ― |
EPL-N7000 | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base TX USB Print Server (C82402*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base TX USB Print Server (C82403*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx High Speed Int.Print Server (C82405*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11g wireless Ext. Print Server (C82422*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server 5 (C82434*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server 5e (C82435*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b/g Wireless and 10/100 Base Tx Ext. Print Server (C82437*) | Applicable | Applicable | Workaround | ― |
EpsonNet Authentication Print (C82440*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10 Base 2/T Int. Print Server (C82362*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Ext. Print Server (C82363*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Ext. Print Server (C82364*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx External Print Server (C82378*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server (C82384*) | Applicable | Applicable | Workaround | ― |
EpsonNet 10/100 Base Tx Int. Print Server 2 (C82391*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82396*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82397*) | Applicable | Applicable | Workaround | ― |
EpsonNet 802.11b Wireless Ext. Print Server (C82398*) | Applicable | Applicable | Workaround | ― |
EPSON Network Image Express(B80836*) | Applicable | Applicable | Workaround | ― |
EPSON Network Image Express Card (B80839*) | Applicable | Applicable | Workaround | ― |
• Workaround method
In order for customers to use the product safely and securely, please install and configure it according to the security guidebook.
• Installation and configuration according to the security guidebook
1. Connecting to the Internet
The product should not be directly connected to the Internet and should be installed in a network protected by a firewall. In that case, assign the product a private IP address.
2. Administration password
Set an administrator password for each product.
The administrator password should be a complex string that is difficult for others to guess, for example 8 or more characters mixing English letters with symbols and numbers.
Please check the Security Guidebook here.
• Stronger workaround - Block HTTP (TCP/80 port) access to the product
1. Blocked by product
For the following products, you can block HTTP access (TCP/80 port) in Web Config.
• Business Printer: AcuLaser C9300N/ AcuLaser M7000N
• Commercial & Industrial Printers: SC-T3200 Series/SC-T5200 Series/SC-T7200 Series/SC-T5200D Series/SC-T7200D Series
2. Shut off by network equipment in the installation environment
After configuring the product, block HTTP access (TCP/80 port) to the product with a network device (router or switch). Open the port only when you need to update the application settings or firmware.
* While the port is blocked, the functions in Web Config may not be available.
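After applying either form of the block, it is worth confirming from an ordinary user segment that Web Config no longer answers on TCP/80. The following check is an added example, not Epson code; the device addresses are constructed placeholders, and the reading of each status in the comments is the typical behaviour, stated as an assumption.

```python
import socket

# Constructed inventory: private addresses standing in for real devices.
DEVICES = ["192.168.50.21", "192.168.50.22"]


def probe(host, port=80, timeout=2.0):
    """Classify one TCP connection attempt to a device's Web Config port.

    "open"        - handshake completed: the block is not effective here.
    "refused"     - reset received: typical when HTTP is switched off on
                    the product itself or a firewall rejects the packet.
    "no-response" - nothing came back before the timeout: typical when a
                    router or switch silently drops the traffic.
    "unreachable" - any other network error (no route, host down).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "no-response"
    except OSError:
        return "unreachable"


def still_exposed(devices, port=80, timeout=2.0):
    """Return (status per device, list of devices whose port is open)."""
    results = {host: probe(host, port, timeout) for host in devices}
    exposed = [host for host, status in results.items() if status == "open"]
    return results, exposed


if __name__ == "__main__":
    results, exposed = still_exposed(DEVICES)
    for host, status in results.items():
        print(f"{host}:80 {status}")
    if exposed:
        raise SystemExit(f"Web Config still reachable on: {', '.join(exposed)}")
```

Run it again from the administration host during a maintenance window to confirm the port opens only where and when intended.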