Sustainability Case Studies News Events
https://sato-oceania.com/support-notices/cl4nx-plus-support-notice-sep-2024
[{country_label=Australia, country_link={url={type=CONTENT, content_id=162384821643, href=https://sato-oceania.com, href_with_scheme=null}, open_in_new_tab=false, no_follow=false, sponsored=false, user_generated_content=false, rel=}}, {country_label=New Zealand, country_link={url={type=CONTENT, content_id=177476167976, href=https://sato-oceania.com/nz, href_with_scheme=null}, open_in_new_tab=false, no_follow=false, sponsored=false, user_generated_content=false, rel=}}]
Australia
Skip to content
  1. Home
  2. Support notices
  3. Cl4nx plus support notice sep 2024
CL4NX 1279x308

Technical Advisory

Security vulnerability discovered in CL4/6NX Plus printers

Some SATO label printers were found to have vulnerabilities regarding incorrect/improper authorization (CWE-863, CWE-287) and path traversal (CWE-22) that could affect operations.

There are no known cases of these vulnerabilities being exploited, and printer users are not at risk of data tampering or information exposure as long as they take measures to protect their systems from unauthorised access. However, we advise users to apply the following workaround solution to their printers for improved security.

 

Contact Us For Firmware Download
Skip to section:

Affected Printers

  • CL4/6NX PLUS
  • CL4/6NX-J Plus (Japan model)

Details

The affected printers offer a WebConfig function for users to view or change printer settings via the web browser. This function contains features that require user login and can be vulnerable to incorrect/improper authorisation (CWE-863, CWE-287). Some features also have a path traversal (CWE-22) vulnerability that allows attackers to traverse the file system and access restricted directories. These points of vulnerability may lead to unauthorized setting changes and file tampering, potentially impacting how printers operate.

Solution

We are releasing a new printer firmware update to patch the vulnerabilities. For information on updating the firmware, please contact your nearest SATO representative or the distributor where you purchased the product. Please contact us to arrange an appointment.

Workaround Method

Users can work around the vulnerabilities by enabling the printer’s firewall and disabling the WebConfig function. However, please note that this is recommended only if you cannot have the firmware update installed due to certain technical reasons.

Follow the steps below to apply the workaround. For more information, refer to the “Various Settings of the Product” section in our online user manual.

 

Access User Manual
  • Enable Firewall

    Go to the printer’s Settings menu and click Interface> Network> Advanced> Firewall> Enable

  • Disable WebConfig

    Go to the printer’s Settings menu and click Interface> Network> Advanced> Firewall> Allow Services and Ports> WebConfig> Disable

Contact Technical Support

Let us help you with your
barcode and printing solutions!

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus at dolor diam. Fusce iaculis convallis bibendum. Etiam in libero lobortis, semper dui sit amet, accumsan nunc. 

Our Solutions Contact Us
let-us-help-image