CVE-2023-4957

Authentication Bypass on Zebra ZTC

Description

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.

Remediation

Solution:

  • Zebra Printers running Link-OS v6.0 and later have a protected mode that protects the printer from this vulnerability. Activating this mode disables unauthorized changes and locks the current configuration until an administrator authorizes updates. By default, the secure mode is disabled as it is necessary to generate a password first. NOTE: the ZT410 industrial printer was discontinued on Oct 1st, 2020. The service and Support discontinuation dates are in September and December 2025 depending on region. Further information regarding security settings and best practices, including “Protected Mode”, can be found in the references. UPDATE: The vulnerability has been fixed by Zebra. The updated firmware version is Link-OS v7.3 which was released March 2025. The currently released version is Link-OS v7.4 which includes the fix that was released in the previous version.

Category

5.4
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Third-Party Advisory incibe.es
Affected: Zebra Technologies ZTC ZT410
Published at:
Updated at:

References

Link Tags
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/authentication-bypass-zebra-ztc third party advisory

Frequently Asked Questions

What is the severity of CVE-2023-4957?
CVE-2023-4957 has been scored as a medium severity vulnerability.
How to fix CVE-2023-4957?
To fix CVE-2023-4957: Zebra Printers running Link-OS v6.0 and later have a protected mode that protects the printer from this vulnerability. Activating this mode disables unauthorized changes and locks the current configuration until an administrator authorizes updates. By default, the secure mode is disabled as it is necessary to generate a password first. NOTE: the ZT410 industrial printer was discontinued on Oct 1st, 2020. The service and Support discontinuation dates are in September and December 2025 depending on region. Further information regarding security settings and best practices, including “Protected Mode”, can be found in the references. UPDATE: The vulnerability has been fixed by Zebra. The updated firmware version is Link-OS v7.3 which was released March 2025. The currently released version is Link-OS v7.4 which includes the fix that was released in the previous version.
Is CVE-2023-4957 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-4957 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-4957?
CVE-2023-4957 affects Zebra Technologies ZTC ZT410.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.