Computer Security
[EN] securityvulns.ru no-pyccku


Multiple HP printers unauthorized access
Published:05.12.2011
Source:
SecurityVulns ID:12068
Type:remote
Threat Level:
7/10
Description:Remote Firmware Update option is enabled by default and allows to replace firmware via TCP/9100.
CVE:CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.)
Original documentdocumentHP, [security bulletin] HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default (05.12.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod