https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462251#M1389 <P>Thanks for posting!<BR /><BR />While our Forum Community members are welcome to chime in, Canon does not provide direct support for imageRUNNER series products, but your dealer will be able to help you! You should be able to find a decal on the front or side of your unit with your dealer's contact information.<BR /><BR />If you don't have a dealer, please call us at 1-800-OK-CANON (1-800-652-2666), and we will be happy to provide you with the names of dealers in your area!</P> Thu, 15 Feb 2024 13:51:19 GMT Stephen 2024-02-15T13:51:19Z https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462249#M1388 <P>Dear Support,</P><P>In our company we are using a Canon ImageRunner Advance DX C3725 printer and we have an issue that it is considered to be a vulnerability and the recommendation given to troubleshoot this issue is to contact the vendor.&nbsp;</P><P>Please find below the description of the vulnerability:</P><P>"The Web Server uses plain-text form based authentication. A web page exists on the target host which uses an HTML login form. This data is sent from the client to the server in plain-text. An attacker with access to the network traffic to and from the target host may be able to obtain login credential for other users by sniffing the network"</P><P>How can we solve this issue that it's considered to be a vulnerability?</P> Thu, 15 Feb 2024 14:03:40 GMT https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462249#M1388 Wozy24 2024-02-15T14:03:40Z https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462251#M1389 <P>Thanks for posting!<BR /><BR />While our Forum Community members are welcome to chime in, Canon does not provide direct support for imageRUNNER series products, but your dealer will be able to help you! You should be able to find a decal on the front or side of your unit with your dealer's contact information.<BR /><BR />If you don't have a dealer, please call us at 1-800-OK-CANON (1-800-652-2666), and we will be happy to provide you with the names of dealers in your area!</P> Thu, 15 Feb 2024 13:51:19 GMT https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462251#M1389 Stephen 2024-02-15T13:51:19Z https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462259#M1390 <P>Greetings,</P><P>I suspect your Image Runner is behind a firewall.&nbsp; This means that someone would have to be on your internal network to access or intercept plain text being sent to / from its webserver. If you enable <STRONG>https</STRONG>, the traffic and connection would be encrypted.&nbsp; You can review recommendations for hardening security here:&nbsp; &nbsp;</P><P><A href="https://www.usa.canon.com/bin/canon/downloadasset?path=/content/dam/canon-assets/brochures/business/security/iRADV-Security-Hardening-Guide.pdf" target="_blank" rel="noopener">downloadasset (canon.com)</A>&nbsp;&nbsp;</P> Thu, 15 Feb 2024 14:58:26 GMT https://community.usa.canon.com/t5/Production-Printing/imageRUNNER-ADVANCE-DX-C3725-Web-Server-Uses-Plain-Text-Form/m-p/462259#M1390 shadowsports 2024-02-15T14:58:26Z