CVE-2008-0303
CVE-2008-0303 is a medium-severity vulnerability in Canon I-sensys with a CVSS 2.0 base score of 6.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.4)
- EPSS exploit prediction: 2% (79th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Canon I-sensys
- Published:
- Last modified:
Description
The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.
Frequently asked questions
- What is CVE-2008-0303?
- The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.
- How severe is CVE-2008-0303?
- CVE-2008-0303 has a CVSS 2.0 base score of 6.4, rated medium severity.
- Is CVE-2008-0303 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (79th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2008-0303?
- CVE-2008-0303 primarily affects Canon I-sensys. In total, 70 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2008-0303?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2008-0303 published?
- CVE-2008-0303 was published on 2008-02-29 and last updated on 2026-06-16.
References
- http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack
- http://jvn.jp/en/jp/JVN10056705/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000013.html
- http://securitytracker.com/id?1019528
- http://www.kb.cert.org/vuls/id/568073
- http://www.securityfocus.com/bid/28042
- http://www.usa.canon.com/html/security/pdf/CVA-001.pdf
Affected products (70)
- cpe:2.3:a:canon:i-sensys:lbp3360:*:*:*:*:*:*:*
- cpe:2.3:a:canon:i-sensys:lbp3460:*:*:*:*:*:*:*
- cpe:2.3:a:canon:i-sensys:lbp5360:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagepress:c1:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:85plus:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:105plus:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:2230:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:2270:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:2570c:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:2570ci:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:2870:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3025:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3025n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3035:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3035n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3045:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3045n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3170c:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3170ci:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3180c:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3180ci:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3530:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:3570:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:4570:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5055:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5055n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5065:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5065n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5075:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5075n:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5570:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5800c:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:5800cn:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:6570:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:6800c:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:6800cn:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:7086:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:7095:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:7095p:*:*:*:*:*:*:*
- cpe:2.3:a:canon:imagerunner:7105:*:*:*:*:*:*:*