Back to overview

CVE-2026-58315

MEDIUM
5.1
CVSS 4.0
Description
Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed.

Metadata

CVE ID
CVE-2026-58315
State
PUBLISHED
Assigner
jpcert
Reserved
2026-07-01 01:18 UTC
Published
2026-07-07 05:33 UTC
Last updated
2026-07-07 05:33 UTC
Primary CWE
CWE-352
Cross-site request forgery (CSRF)
Vendor / Product
SEIKO EPSON CORPORATION / Web Config
Sources
cve.org  ·  NVD

Severity & Metrics

5.1 MEDIUM CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products (1)
VendorProductPlatformVersions
SEIKO EPSON CORPORATION Web Config See the information/details provided by the vendor
Weakness (CWE)
CWESourceDescription
CWE-352 cna Cross-site request forgery (CSRF)
CVSS scores (2)
ScoreSeverityVersionSourceVector
5.1 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4.3 MEDIUM 3.0 cna CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Back to overview