Oh Brother!

A security researcher has found nearly 700 Brother printers left exposed online, allowing access to the password reset function to anyone who knows what to look for.

Discovered by Ankit Anubhav, Principal Researcher at NewSky Security, the printers offer full access to their administration panel over the Internet.

A wide range of Brother printer models, such as DCP-9020CDW, MFC-9340CDW, MFC-L2700DW, or MFC-J2510, just to name a few.

One of the cause of some of these exposures is Brother shipped the printers with no admin password. Most people most likely connected the printers to their networks without realizing the admin panel was present and wide open to connections. These printers are now easy discoverable via search engines like Shodan.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s