Check Point Advisories

Brother Devices Authorization Bypass (CVE-2017-7588)

Vulnerability
Protection

Check Point Reference:	CPAI-2017-1601
Date Published:	11 Jan 2023
Severity:	Critical
Last Updated:	Wednesday 11 January, 2023
Source:
Industry Reference:	CVE-2017-7588
Protection Provided by:	Security Gateway R81, R80, R77, R75
Who is Vulnerable?	Brother MFC-J6973CDW Brother MFC-J4420DW Brother MFC-8710DW Brother MFC-J4620DW Brother MFC-L8850CDW Brother MFC-J3720 Brother MFC-J6520DW Brother MFC-L2740DW Brother MFC-J5910DW Brother MFC-J6920DW Brother MFC-L2700DW Brother MFC-9130CW Brother MFC-9330CDW Brother MFC-9340CDW Brother MFC-J5620DW Brother MFC-J6720DW Brother MFC-L8600CDW Brother MFC-L9550CDW Brother MFC-L2720DW Brother DCP-L2540DW Brother DCP-L2520DW Brother HL-3140CW Brother HL-3170CDW Brother HL-3180CDW Brother HL-L8350CDW Brother HL-L2380DW Brother ADS-2500W Brother ADS-1000W Brother ADS-1500W
Vulnerability Description	An authorization bypass vulnerability exists in Brother devices.The vulnerability can let remote users to get a valid session ID on Web UI without authentication. A remote, unauthenticated attacker could exploit the vulnerability by sending crafted requests to the target server.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

In the IPS tab, click Protections and find the Brother Devices Authorization Bypass (CVE-2017-7588) protection using the Search tool and Edit the protection's settings.
Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name: Application Servers Protection Violation.
Attack Information: Brother Devices Authorization Bypass (CVE-2017-7588)