CVE-2026-1789 PUBLISHED

Assigner: Canon
Reserved: 03.02.2026 Published: 23.04.2026 Updated: 23.04.2026

A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers and office/small office multifunction printers.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6.9

Product Status

Vendor Canon Inc.
Product imagePRESS Series
Versions
  • Version all version is affected
Vendor Canon Inc.
Product imageFORCE Series
Versions
  • Version all version is affected
Vendor Canon Inc.
Product imageRUNNER ADVANCE Series
Versions
  • Version all version is affected
Vendor Canon Inc.
Product imageRUNNER Series
Versions
  • Version all version is affected
Vendor Canon Inc.
Product Satera MF7525F
Versions
  • Version v15.00 or earlier is affected
Vendor Canon Inc.
Product Satera MF7625F
Versions
  • Version v8.12 or earlier is affected
Vendor Canon Inc.
Product Satera MF7725F
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product Satera MF842CDW
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product imageCLASS X C1538iF II
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product imageCLASS X MF1538C II
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product i-SENSYS C1533iF II
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product i-SENSYS X C1538 iF II
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product i-SENSYS MF842Cdw
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product MF842CDW
Versions
  • Version v16.04 or earlier is affected
Vendor Canon Inc.
Product MF842CX
Versions
  • Version v16.04 or earlier is affected

References

Problem Types

  • CWE-807: Reliance on Untrusted Inputs in a Security Decision CWE