Epson L14150 Buffer Overflow Vulnerability in RAW Printing Service via TCP Port 9100

A buffer overflow vulnerability has been identified in the Epson L14150 printer, specifically in the FL27PB firmware version. This vulnerability allows remote, unauthenticated attackers to execute arbitrary code by sending crafted network payloads through the RAW Printing Service (JetDirect/AppSocket) on TCP port 9100. The issue arises from the printer's handling of malformed print job data, leading to memory corruption and potential exploitation.

Impact

Exploitation of this vulnerability can cause memory corruption, destabilize the printer's parsing engine, disrupt normal firmware operations, and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending specially crafted RAW print job payloads to the printer over TCP port 9100. This can be done using a custom Python script that exploits the buffer overflow by targeting the printer's memory management. The script can be integrated into a tool called 'PrintHack', which automates the exploitation process.