Brother printers vulnerable to DoS attack

Updated! Trustwave researchers revealed a vulnerability in Brother consumer and business printers and multifunction devices that can allow a denial of service attack.

The vulnerability, CVE-2017-16249, is in Brother's Debut embedded HTTP server which will allow a single malformed HTTP request to cause the server to hang making it unusable. Eventually the printer will issue an HTTP 500 error.

“The following Proof of Concept (PoC) connects to the device, sends the malformed HTTP request, waits for the server to reply (with the 500 error), and sends another malformed HTTP request.  This process is repeated indefinitely until stopped,” the Trustwave advisory said.

The flaw was made public in an advisory by Trustwave in early November after the security firm did not receive a response from Brother despite making several attempts to contact the vendor starting in September. No patch exists, but Trustwave suggests access to these devices should be limited only to authorized users by using an access control list and network segmentation.

A spokesperson from Brother UK told SC Media said the company acknowledges the issue raised by Trustwave and it is under investigation.

"We take the security of our devices extremely seriously. If a printer is connected to a private, secured network, as in most home or office environments, rather than one that is publicly accessible on the internet (open network), it is protected by a firewall, as any other device would be," the spokesperson said.

Update includes Brother UK comments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.