We use cookies to provide you with the best possible experience on this website. If you continue to use the website without changing your browser settings, you agree to our use of cookies on your device.

  1. HOME
  2. Support notices

Technical advisory: Security vulnerability discovered in CL4/6NX Plus printers

Additional Notice Regarding the Security Vulnerability Discovered in CL4/6NX Plus Printers

Sep 01, 2025

Summary

We have received inquiries regarding these vulnerabilities, so we would like to provide you with additional information.

Affected printers

  • CL4NX Plus (firmware versions earlier than 1.15.5-r1)
  • CL6NX Plus (firmware versions earlier than 1.15.5-r1)
  • CL4NX-J Plus (Japan model) (firmware versions earlier than 1.15.5-r1)
  • CL6NX-J Plus (Japan model) (firmware versions earlier than 1.15.5-r1)

How to check the firmware version of your printer

Please refer to the online "Operator Manual" to find out how to check the firmware version.

TOP > Various Settings of the Product > The Product's [Settings] Menu > [Information] Menu > [Build Version]

Solution

You can disable this vulnerability by implementing one of the following measures.

Change printer settings

How to change printer settings

Enable the firewall function and disable access to the WebConfig page.

Please refer to the online "Operator Manual" to find out how to change printer settings.

Firewall
TOP > Various Settings of the Product > The Product's [Settings] Menu > [Interface] Menu > [Network] > [Advanced] > [Firewall]
WebConfig
TOP > Various Settings of the Product > The Product's [Settings] Menu > [Interface] Menu > [Network] > [Advanced] > [Firewall] > [Allow Services And Ports]

For customers who are using a web browser to change settings

Since it will no longer be possible to change printer settings via a web browser,
please use one of the following methods to change the printer settings:

  • Change the settings from the printer's LCD panel
  • Use the "All-In-One Tool" application

Install firmware update

We are releasing a new printer firmware update to patch the vulnerabilities. For information on updating the firmware, please contact your nearest SATO representative or the distributor where you purchased the printer. Please contact us to arrange for an appointment.

For questions and inquiries, please fill out our contact form here.

Additional Notice Regarding the Security Vulnerability Discovered in CL4/6NX Plus Printers

Aug 04, 2025

Summary

In addition to the previously identified vulnerabilities (CWE-22, CWE-287, and CWE-863), two new vulnerabilities—CWE-78 and CWE-434—have been confirmed.
Appropriate countermeasures for these newly identified issues have already been implemented.
For further details, please refer to the sections below titled [Solution] or [Work-around].

For questions and inquiries, please fill out our contact form here.

Security vulnerability discovered in CL4/6NX Plus printers

Sep 30, 2024

Summary

Some SATO label printers were found to have vulnerabilities regarding incorrect/improper authorization (CWE-863, CWE-287) and path traversal (CWE-22) that may lead to unauthorized setting changes and file tampering, potentially impacting how printers operate.
There are no known cases of these vulnerabilities being exploited, and printer users are not at risk of data tampering or information exposure as long as users take measures to protect their systems from unauthorized access. However, we advise users to apply the following solution to your printers for improved security.

Affected printers

  • CL4/6NX Plus
  • CL4/6NX-J Plus (Japan model)

Solution

We are releasing a new printer firmware update to patch the vulnerabilities. For information on updating the firmware, please contact your nearest SATO representative or the distributor where you purchased the printer. Please contact us to arrange for an appointment.

Work-around

Users can work around the vulnerabilities by enabling the printer's firewall and disabling the WebConfig function, if you cannot have the firmware update installed due to certain technical reasons. Please note that the work-around is temporary, and that you should ideally remediate the vulnerabilities through the security patch once your situation allows for it.

  • Follow the steps below to apply the work-around. You can also refer to the “Various Settings of the Product” section in our online user manual for more information.
Enable firewall
Go to the printer's Settings menu and click Interface> Network> Advanced> Firewall> Enable.
Disable WebConfig (function for viewing or changing printer settings via web browser)
Go to the printer's Settings menu and click Interface > Network > Advanced> Firewall > Allow Services and Ports > WebConfig > Disable.

For questions and inquiries, please fill out our contact form here.

GLOBAL NETWORK

Our locations

to pagetop

Connect with us

© SATO Corporation. All rights reserved.