CVSS: 10.0EPSS: 27%CPEs: 43EXPL: 0CVE-2011-4161
https://notcve.org/view.php?id=CVE-2011-4161
The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update. La configuración por defecto de la impresora HP CM8060 Color MFP con Edgeline, y las impresoras HP Color 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx y Enterprise CPxxxx; las Digital Sender 9200c y 9250c; LaserJet 4xxx, 5200, 90XX, Mxxxx y Pxxxx y LaserJet Enterprise 500 color M551, 600, M4555 MFP, y P3015 permite la actualización remota del firmware (RFU), lo que permite a atacantes remotos ejecutar código de su elección mediante la apertura de una sesión en el puerto TCP 9100 para subir una actualización de firmware diseñada por el atacante. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03102449 http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112 http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say http://secunia.com/advisories/47063 http://www.kb.cert.org/vuls/id/717921 http://www.securityfocus.com/bid/51324 http://www.securitytracker.com/id?1026357 https://lists.immunityinc.com/pipermail/dailydave/ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 5%CPEs: 8EXPL: 5CVE-2010-4107 – HP JetDirect PJL - Interface Universal Directory Traversal
https://notcve.org/view.php?id=CVE-2010-4107
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack. La configuración por defecto del valor PJL Access en las opciones de File System External Access de las impresoras HP LaserJet MFP, Color LaserJet MFP, LaserJet 4100, 4200, 4300, 5100, 8150, y 9000, activan los comandos PJL que usa el sistema de archivos del dispositivo, lo que permite a atacantes remotos la lectura de archivos de su elección a través de un comando en el trabajo activo como se ha demostrado con un ataque de salto de directorio. A directory traversal vulnerability has been found in the PJL file system access interface of various HP LaserJet MFP devices. File system access through PJL is usually restricted to a specific part of the file system. Using a pathname such as 0:\..\..\..\ it is possible to get access to the complete file system of the device. • https://www.exploit-db.com/exploits/17635 https://www.exploit-db.com/exploits/17636 https://www.exploit-db.com/exploits/15631 https://www.exploit-db.com/exploits/32990 http://secunia.com/advisories/42238 http://securityreason.com/securityalert/8328 http://securitytracker.com/id?1024741 http://www.exploit-db.com/exploits/15631 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333 http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf http:/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2009-3842
https://notcve.org/view.php?id=CVE-2009-3842
Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain "access to data" or cause a denial of service via unknown vectors. Una vulnerabilidad no especificada en la impresora multifunción HP Color LaserJet M3530 con firmware v05.058.4 firmware y la Color LaserJet CP3525 con firmware v53.021.2 permite a atacantes remotos obtener "acceso a los datos" o provocar una denegación de servicio a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=125864723627975&w=2 http://secunia.com/advisories/37433 http://www.securityfocus.com/bid/37070 http://www.vupen.com/english/advisories/2009/3293 •
CVSS: 4.3EPSS: 0%CPEs: 35EXPL: 3CVE-2009-2684 – HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-2684
Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Jetdirect y Embedded Web Server (EWS) sobre ciertas HP LaserJet e impresoras Color LaserJet, y HP Digital Senders, permiten a atacantes remotos inyectar código web o HTML a su elección a través de (1) Product_URL o (2)parámetro Tech_URL en una acción Apply en el código support_param.html/config. • https://www.exploit-db.com/exploits/10011 https://www.exploit-db.com/exploits/10055 http://dsecrg.com/pages/vul/show.php?id=148 http://marc.info/?l=bugtraq&m=125493484205823&w=2 http://secunia.com/advisories/36969 http://www.securityfocus.com/archive/1/507038/100/0/threaded http://www.securityfocus.com/bid/36613 http://www.vupen.com/english/advisories/2009/2850 https://exchange.xforce.ibmcloud.com/vulnerabilities/53677 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.1EPSS: 0%CPEs: 164EXPL: 1CVE-2009-0940
https://notcve.org/view.php?id=CVE-2009-0940
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders, permiten a atacantes remotos (1) imprimir documentos mediante vectores desconocidos, (2) modificar la configuración de red mediante una petición NetIPChange a hp/device/config_result_YesNo.html/config o (3) cambiar la contraseña mediante los parámetros Password y ConfirmPassword a hp/device/set_config_password.html/config. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566 http://osvdb.org/52847 http://osvdb.org/52848 http://osvdb.org/52849 http://www.louhinetworks.fi/advisory/HP_20090317.txt http://www.securityfocus.com/archive/1/501884/100/0/threaded http://www.securityfocus.com/bid/34143 http://www.vupen.com/english/advisories/2009/0754 • CWE-352: Cross-Site Request Forgery (CSRF) •