The security researcher Ankit Anubhav, principal researcher at NewSky Security, has discovered nearly 700 Brother printers left exposed online. Anyone can access the administration panel of the printers and take control of the devices.
Anubhav disclosed its discovery via Bleeping Computer providing it a list of exposed printers.
“Accessing a few random URLs, Bleeping has discovered a wide range of Brother printer models, such as DCP-9020CDW, MFC-9340CDW, MFC-L2700DW, or MFC-J2510, just to name a few.” states Bleeping Computer.
Bleeping Computer also forwarded the list to the popular researcher Victor Gevers that once analyzed it will notify the affected organizations.
The researcher discovered many Brother printers exposed line with factory settings, in fact, Brother ships the printers with no admin password.
Anubhav explained that the printers belong to corporate and government networks and known universities.
“I’m surprised about so many known universities included in the list,” Anubhav told Bleeping. “I am planning to reach and notify the orgs with my colleague,”
An attacker can access the administration of the printers connected to the Internet and change settings, such as their passwords, causing problems to affected organizations.
The list provided Bleeping included only printers that exposed the “password.html” file that is related to the password reset page of Brother printers. The expert notices that administration panel exposed by the printers also included options to manage a firmware update.
An attacker can exploit the exposed administration panel to deliver tainted firmware and take full control of the printers.
“An attacker could include spyware-like behavior in tainted firmware updates and have printers send copies of printed documents to an attacker’s server.” continues Bleeping Computer.
“In the case of private businesses and government organizations, this could expose very sensitive information.”
Organizations running Brother printers urge to check if the devices expose the administration panel by default online, and change the default password to prevent unauthorized access to the device.
(Security Affairs – Brother printers, IoT)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.