The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.
oryginał ENAV:N/AC:L/Au:N/C:C/I:N/A:NHP 9000
HWHpwszystkie wersjeHP Color Laserjet Mfp
HWHpwszystkie wersjeHP Laserjet 4100
HWHpwszystkie wersjeHP Laserjet 4200
HWHpwszystkie wersjeHP Laserjet 4300
HWHpwszystkie wersjeHP Laserjet 5100
HWHpwszystkie wersjeHP Laserjet 8150
HWHpwszystkie wersjeHP Laserjet Mfp
HWHpwszystkie wersje
Powiązane podatności
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no manage...
Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware ...
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR...
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class c...
HP-UX aserver program allows local users to gain privileges via a symlink attack.