CVE-2024-51980 Information

Description

An unauthenticated attacker may perform a limited server side request forgery (SSRF) forcing the target device to open a TCP connection to an arbitrary port number on an arbitrary IP address. This SSRF leverages the WS-Addressing ReplyTo element in a Web service (HTTP TCP port 80) SOAP request. The attacker can not control the data sent in the SSRF connection nor can the attacker receive any data back. This SSRF is suitable for TCP port scanning of an internal network when the Web service (HTTP TCP port 80) is exposed across a network segment.

Reference

https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf https://github.com/sfewer-r7/BrotherVulnerabilities https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000 https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100848_000 https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faqp00100620_000 https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.html https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007 https://www.toshibatec.com/information/20250625_02.html

Related CNNVD

CNNVD-202506-3140 (Published: 2025-06-25)