CVSS: 6.1EPSS: 0%CPEs: 1133EXPL: 0CVE-2023-5113 – Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-5113
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. Certain HP Enterprise LaserJet and HP LaserJet Managed Printers son potencialmente vulnerables a la denegación de servicio debido a la solicitud de WS-Print y posibles inyecciones de Cross Site Scripting (XSS) a través de jQuery-UI. • https://support.hp.com/us-en/document/ish_9365285-9365309-16 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 38EXPL: 0CVE-2023-26301
https://notcve.org/view.php?id=CVE-2023-26301
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints. • https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0CVE-2023-35178 – HP Color LaserJet Pro M479fdw slangapp PATH_INFO Stack-based Buffer Overflow Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-35178
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the slangapp binary. When parsing the value of the passed PATH_INFO variable, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://support.hp.com/us-en/document/ish_8651729-8651769-16/hpsbpi03854 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0CVE-2023-35177 – HP Color LaserJet Pro M479fdw CFF Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35177
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CFF fonts. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. • https://support.hp.com/us-en/document/ish_8651888-8651916-16/hpsbpi03853 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0CVE-2023-35176 – HP Color LaserJet Pro M479fdw Serial_Number Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35176
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the Serial_Number element. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. • https://support.hp.com/us-en/document/ish_8651671-8651697-16/hpsbpi03852 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •