 |
|
|
|
HP LaserJet P3015 printer unauthorized access
updated since 09.01.2012 | | Published: |  | 11.01.2012 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 12130 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Web server directory traversal |
| Affected: |  | HP : LaserJet P3015 | | CVE: |  | CVE-2011-4785 (Directory traversal vulnerability in the HP-ChaiSOE/1.0 web server on the HP LaserJet P3015 printer with firmware before 07.080.3, LaserJet 4650 printer with firmware 07.006.0, and LaserJet 2430 printer with firmware 08.113.0_I35128 allows remote attackers to read arbitrary files via unspecified vectors, a different vulnerability than CVE-2008-4419.) | | | | CVE-2011-4161 (The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.) |
|
|
|
|
|
|
|
|
