Cross-site request forgery in Seiko Epson Corporation products - CVE-2026-58315
Published: July 8, 2026
EW-M5610FT
EW-M754TW
EW-M752TB
EW-M752T
EW-M674FT
EW-M670FTW
EW-M670FT
EW-M634T
EW-M630TW
EW-M630TB
EW-M571T
EW-M754TB
EW-M531F
EW-M530F
EW-456A
EW-452A
EW-056A
EW-052A
EP-M553T
EP-M552T
EP-M476T
PX-S05W
FF-680W
SC-F150
PX-S505
PX-S5010
PX-S270T
PX-S170T
PX-S161T
PX-S155
PX-S06W
PX-S06B
EP-982A3
PX-S05B
PX-M270T
PX-M270FT
PX-M161T
EW-M973A3T
EW-M873T
EW-M757TP
EW-M757TB
EW-M757TW
EP-810AW
EP-880AR
EP-880AW
EP-880AB
EP-816A
EP-815A
EP-814A
EP-813A
EP-812A
EP-811AW
EP-811AB
EP-880AN
EP-810AB
EP-716A
EP-715A
EP-714A
EP-713A
EP-712A
EP-711A
EP-710A
EP-50V
EP-883AR
EP-886AR
EP-886AW
EP-886AB
EP-885AR
EP-885AW
EP-885AB
EP-884AR
EP-884AW
EP-884AB
EP-315
EP-883AW
EP-883AB
EP-882AR
EP-882AW
EP-882AB
EP-881AN
EP-881AR
EP-881AW
EP-881AB
Detailed vulnerability description
The vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin in Web Config. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.