Description
Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed.
Published: 2026-07-07
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Jul 2026 11:00:00 +0000

Type Values Removed Values Added
Title Cross‑Site Request Forgery in SEIKO EPSON Web Config Enables Privileged Operations

Mon, 13 Jul 2026 22:00:00 +0000

Type Values Removed Values Added
Title Cross‑Site Request Forgery in SEIKO EPSON Web Config Enables Unauthorized Operations

Sun, 12 Jul 2026 16:00:00 +0000

Type Values Removed Values Added
Title Cross‑Site Request Forgery in SEIKO EPSON Web Config Enables Unauthorized Operations

Sat, 11 Jul 2026 21:00:00 +0000

Type Values Removed Values Added
Title Web Config Cross‑Site Request Forgery Enabling Unintended Operations While Authenticated

Fri, 10 Jul 2026 02:15:00 +0000

Type Values Removed Values Added
Title Web Config Cross‑Site Request Forgery Enabling Unintended Operations While Authenticated

Thu, 09 Jul 2026 11:45:00 +0000

Type Values Removed Values Added
Title CSRF Vulnerability in SEIKO EPSON Web Config Allows Unintended Operations

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Title CSRF Vulnerability in SEIKO EPSON Web Config Allows Unintended Operations

Wed, 08 Jul 2026 05:00:00 +0000

Type Values Removed Values Added
Title Unintended Operations via Cross‑Site Request Forgery in SEIKO EPSON Web Config

Tue, 07 Jul 2026 22:45:00 +0000

Type Values Removed Values Added
Title Unintended Operations via Cross‑Site Request Forgery in SEIKO EPSON Web Config

Tue, 07 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 07 Jul 2026 06:15:00 +0000

Type Values Removed Values Added
Description Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed.
Weaknesses CWE-352
References
Metrics cvssV3_0

{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2026-07-07T13:34:14.227Z

Reserved: 2026-07-01T01:18:28.835Z

Link: CVE-2026-58315

cve-icon Vulnrichment

Updated: 2026-07-07T13:34:09.968Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-16T10:45:04Z

Weaknesses