JVNDB-2025-000056

Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series

Overview

Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series provided by SATO Corporation contain multiple vulnerabilities listed below.
  • OS command injection (CWE-78) - CVE-2025-22469
  • Unrestricted upload of file with dangerous type (CWE-434) - CVE-2025-22470
MASAHIRO IIDA of LAC Co., Ltd. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.

CVSS Severity

CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base scores have been assigned for CVE-2025-22470


CVSS V3 Severity:
Base Metrics: 7.3 (High) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low
The above CVSS base scores have been assigned for CVE-2025-22469

Affected Products

SATO CORPORATION
  • CL4/6NX Plus, firmware versions prior to 1.15.5-r1
  • CL4/6NX-J Plus (Japan model), firmware versions prior to 1.15.5-r1

Impact

  • A remote attacker may execute an arbitrary OS command on the system with a certain non-administrative user privilege (CVE-2025-22469)
  • A remote attacker may execute an arbitrary Lua script on the system with root privilege (CVE-2025-22470)

Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.

[Apply workarounds]
The developer provides workarounds for users who cannot apply the update.

Refer to the information provided by the developer for details.

Vendor Information

SATO CORPORATION

CWE

  1. OS Command Injection (CWE-78) [IPA Evaluation]
  2. No Mapping (CWE-Other) [IPA Evaluation]

CVE

  1. CVE-2025-22469
  2. CVE-2025-22470

References

  1. JVN : JVN#16547726

Revision History

  • [2025/08/06]
      Web page was published