Search criteria
9 vulnerabilities found for color_laserjet_4650 by hp
FKIE_CVE-2009-0941
Vulnerability from fkie_nvd - Published: 2009-03-18 21:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:8100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F186CB2-E079-4F2B-943F-EB8F9638C717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F8D755-0208-4081-99A2-00B0779AB285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9200c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F76374-8890-47D1-AD4D-B8951B08A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9250c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED8DFB7-447D-44BE-98EF-587F6A82D521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2938ACA1-A6FA-47CD-AB05-7CF9095C7850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EBCE22-6268-4083-A045-0D05F7110384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2605dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB5C6FD-9280-451B-ACF3-2C3AFC50BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4370mfp:20081211_46.211.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7CF651-DB8F-4748-8E87-1C0173657400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E71E717-E71F-495E-9D86-794BF8A094D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8881544-2C06-41F2-9569-C3DCEB8F175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600hdn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13BD8FA5-17EC-4850-9970-9F472E4BE809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F03F783-0CFE-488A-A392-2866D56E5E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627B437F-2941-4689-A3D0-E0037D9CB053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE52C54-2BF9-473A-8749-FEA31A2DEAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1218222B-AC9B-430D-8948-D72F72293B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F3C900-81E1-467C-8D70-E70CADF484CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4DED7B-DDA5-4302-923F-95258C52CF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C77E2D0-34F7-4940-AC33-47E405006890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A3DFCD-E5C1-4997-95D4-9DF50FE1EAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500mfp:20070719_05.011.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99FD2715-0ECB-42B9-8967-D8C80DEAC5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8050:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "8E40ABF2-0485-47DB-92FE-FC8F630F15B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "E8D50F7A-2290-49A1-AB7B-F1FCD5035599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:digital_senders:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F654546-9F2E-4B1B-AAF6-54D799317C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:edgeline_printers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E5A0-9342-49BD-BBD7-E8A90FC42EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322C9A6C-C3A6-4058-861C-882B68443744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA365AAC-C67A-43FE-A419-E3B5B0BAEA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB27B7D-AAC8-4FEC-98C4-FC613E9CA36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1012:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581AB2AA-1731-4142-822A-5F40DFA2C34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCE831-3508-4059-9579-91DA526902B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F27B109-9BCA-4D72-A21C-B6D70F1AD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF6A641-E205-4290-97E2-34A3B3E9672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FD0F5B-F181-46AC-BE66-642E4CD60FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B0A4A9-60C2-4CEC-B531-50C086173DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B05D9690-22E6-4E89-A5A7-42B28BD043DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA67FA-E8B9-4D9E-B0F3-58B0A1B183B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022nw:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09FB44-FFEE-4AB0-A2E0-C470F20733EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A25D1906-E45D-465B-B481-8C9B88FF37ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E25BDF8F-F1B9-4A3E-A220-E72B306CF21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1160:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E04FA759-550C-4C08-BBF3-1B8F512DEBB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D562B5-09B6-4D0E-9816-4DC9C193FCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB12831-81B7-4B6E-9D80-259A474F38E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0645FD3F-1F42-4355-8430-D2B3F8740A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3D3A6-7594-4306-A7C1-997328468C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3C0E33-D115-4BCB-818E-92E5655AB8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224C6B7D-DEAF-4B0D-93BA-BC5BF9517009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C69367D0-1B9A-4615-9F4A-2F76596BA8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A842F761-7AC1-4FE6-9D8E-D4E812971371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3BC003-8116-475C-8816-DCD46E0184DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8A93AE-C3A9-4714-A6FB-C855C9F439C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89A6F96-4A4A-4877-8E95-700CBAE663CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2410:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B34898C-6B9F-4DEF-9D9E-B7BA52F95A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2420:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3029F65D-88C0-4BC4-91D6-594474F022B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F804968D-0241-4C20-BAAC-684BA46B67F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BB1543-E25E-4F77-8F53-ADC38FE3B81D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71F75D41-DFB3-4FD2-A883-BBA8964D84D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB83B8ED-0A0A-45C2-9A4F-BF85F97C114E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F0E663-70A4-405C-B37E-60E24DDC6383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A10474D2-F8D9-40B8-8E19-4741BDA55A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4042B85B-8BA8-49C8-8C72-ED4B12D10C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE1760-B9BD-4002-BA5C-0AFC4A2FBFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EBF17F-331F-42D1-AC33-C5F60FF1C865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4\\/4m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96CB43B7-7CA2-4B8A-98D9-377F615F61E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4_plus\\/m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DBBC2B-C054-46AD-9ABD-249216ED513F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659DFCA6-CF7D-4982-913B-6BF1B3DC5F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02138F3E-4F3C-4607-BBB1-98D09B3C7F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6DC20-0757-4CF8-AB85-265C5264630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549105CC-BA47-4C39-8B8A-9CAC39266B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE20791A-6CDA-46D0-8149-82F7D21662BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75525D7F-A881-4199-B44D-8E2D1B4809FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4993667F-9DE8-4DC9-90B1-A6D3AB6BFB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED01DD0-7485-48E8-96E1-598DA0981525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200ln:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BCFB30-7322-4ABE-9529-CC10DA54F752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42459D1C-B860-4622-BA74-C6AF5446D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D180CB2E-F05A-4B9C-837B-605A00086A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B141B-3358-469D-8331-88C5924763EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345mfp:20081211_09.131.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB3F95-8653-4CDB-BD81-53CA6D126512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850BE715-BC0F-4873-9A72-6AED6259FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03FD53-A1CA-4BD4-A87A-520D9782CEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA83D8E-3D70-4021-B9FD-F97BC8C92039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4650dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2681DAAE-9DD4-4F25-B947-C676F868B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4l\\/ml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7085C4E6-A34F-49E6-99EE-547861A25098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0F639A-C9F6-41E4-83BD-8097659ABEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B67CAF7-6CDC-4074-BE55-2D898F1CF3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31DD8C9E-1738-456D-A22C-CB0C760E3712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4v\\/mv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05A010D1-588F-4EC5-9BE2-ADA22D399D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93BAAE8B-718E-4C6D-BAED-3F435D1C66A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5\\/m\\/n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD8388-3357-435C-8430-9D6CFE52D65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_500_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F132B58-AF99-4E26-BEFB-C970AC9FCBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D220CD8-FB19-424D-B223-101098BE9088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.15:*:*:*:*:*:*:*",
"matchCriteriaId": "157C92C4-2217-4A53-B70D-16D2171E7ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.47:*:*:*:*:*:*:*",
"matchCriteriaId": "776C077B-32E5-45AD-866C-9C7FBEDF9631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F236F-7EC3-440B-8FF4-362729EF0807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:v.29.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D29E506F-B2B1-466C-9DAA-C8DFB643F036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1E2E0-6832-4DE2-B793-BC8B2F3BF431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "212422DE-F76F-4418-89E5-B3826047A852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78907BCD-E0C8-44A0-85B7-0B5148AA8AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76199C42-EF30-4F0B-9D7E-5C546001888E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8D6D65-3CA2-41E8-A8F8-B7C7BC24F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1072358B-3C6C-45EB-83B0-22833A96741A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC8DA70-8669-4522-BEF7-C4595E142467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94DFDFD-0CEA-4EC5-8E7D-0548DCAE5563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24852945-2734-468C-8DC7-5C9EBF2301FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C64CAE-6CC4-4B92-9364-F982CDF47F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0E00FE-F3DB-45C2-81AE-D7189559BD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81556F50-ED68-4774-A208-E16286BC2F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D74F55-65F6-4328-B553-2756A75B777E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA65ABF-3241-48B5-B89A-031B09B8C129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEA0FE9-F42F-4ECC-92E4-E404545CB0CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A03C331E-BCF9-4226-ACB5-4CA4C85847F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1FEDCF-C604-49B3-B748-03BE3193792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ADE7A-F615-475F-A6FB-977D51C8BD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDA57B8-2AD5-45EF-9824-E60EBFF71D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2623A6-2DA1-4877-A5D8-3C9001FDC648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3919FF01-7E93-4F35-826D-542DFD6E85B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7381DEDB-71A9-4882-B9DA-AFDC31D907C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F4812-7441-428B-B44A-E85AC64330D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9755F699-E5F7-424C-B84A-119E19A1E413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B8D80A-5E64-4ADD-98F7-2CD913EF151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_ii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502E0F4F-8103-431C-BDCD-07FAA44DB035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F17C5B7-FFE3-4FE6-A4AD-3EABCF9FCE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0EC84F-57BB-44D0-A05D-67AE5CD6652B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA3E91-824D-4167-9990-8CED8E247DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46B3AA1-0D4D-418B-A36B-2B38F642F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiisi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5EE77A-D014-4366-8D5B-251D09CC2DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040C7DA9-9FF6-4772-82D4-2ED2BE01D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD91F67B-C52F-4AED-8E02-B955F495BD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m1522n_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8D0A1B-4F76-4403-B18E-464C33169CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95CC32-07DA-473D-BDAC-347B137E582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3DE1F-AA79-4FE8-B634-368BDF14C0B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E2ECB0-2335-4ABD-8326-CF935E8C4C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C69873-A989-4B66-8D28-67A260EC7A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEA9582-8E01-41D3-A4D0-FA7BB2C98CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46628FAF-9819-4A6F-93BD-39E0650930E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C243A3-FA2C-414D-9530-CF50E65A6D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "169C56AB-5565-4A4A-B298-B1FAC40D23CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "931B6ACB-81B3-4406-834B-DFA85FC8871A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "641D5E03-1FCD-4404-A37B-586262DCF863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1009:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8AA6A9-855C-436C-AE9D-217598516DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69DEDFF4-B9B1-4B31-BE32-1E44C19A5D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C4D0A5-B51C-4122-8BB7-705474A1E709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049D53B4-920A-4BFC-A007-1DF3648C37A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE3B2A8-ABE6-464B-B9E2-E1122EDEA3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F52C858-CFB9-4CE0-9C3C-3672F03B1850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218E5994-4BF9-4B5F-ABAE-0AB85495B8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2030:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FCB0F1-6395-4B9E-99C6-9C919C62EB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF93B01-EEEE-4ACF-B7C0-55F17996543E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6E5576-6764-4534-A405-67B01F4018FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BED71C7-C0A7-4934-9930-1EC7C5A96584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612ACC73-A274-46B1-AEC6-9EBAF1E38D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*",
"matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFBC095-00B6-48D7-AC0A-C172DD3A550B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D468AA7E-BA93-4523-B6AA-B542E714A17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D87FDEEF-E459-4C0E-AA61-6DE9E2D73234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
},
{
"lang": "es",
"value": "El HP Embedded Web Server (EWS) en HP LaserJet Printers, Edgeline Printers, y Digital Senders no tiene contrase\u00f1a de administraci\u00f3n por defecto, lo que facilita a atacantes remotos el obtener acceso."
}
],
"id": "CVE-2009-0941",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T21:00:00.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "cve@mitre.org",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0754"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0940
Vulnerability from fkie_nvd - Published: 2009-03-18 21:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:8100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F186CB2-E079-4F2B-943F-EB8F9638C717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9100c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F8D755-0208-4081-99A2-00B0779AB285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9200c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F76374-8890-47D1-AD4D-B8951B08A351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:9250c_digital_sender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED8DFB7-447D-44BE-98EF-587F6A82D521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2938ACA1-A6FA-47CD-AB05-7CF9095C7850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EBCE22-6268-4083-A045-0D05F7110384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_2605dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB5C6FD-9280-451B-ACF3-2C3AFC50BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4370mfp:20081211_46.211.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7CF651-DB8F-4748-8E87-1C0173657400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E71E717-E71F-495E-9D86-794BF8A094D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8881544-2C06-41F2-9569-C3DCEB8F175B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4600hdn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13BD8FA5-17EC-4850-9970-9F472E4BE809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F03F783-0CFE-488A-A392-2866D56E5E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "627B437F-2941-4689-A3D0-E0037D9CB053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F0604C-781B-4E69-A88E-C25492CB163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE52C54-2BF9-473A-8749-FEA31A2DEAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1218222B-AC9B-430D-8948-D72F72293B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F3C900-81E1-467C-8D70-E70CADF484CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_8550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD4DED7B-DDA5-4302-923F-95258C52CF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C77E2D0-34F7-4940-AC33-47E405006890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A3DFCD-E5C1-4997-95D4-9DF50FE1EAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500mfp:20070719_05.011.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99FD2715-0ECB-42B9-8967-D8C80DEAC5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8050:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "8E40ABF2-0485-47DB-92FE-FC8F630F15B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*",
"matchCriteriaId": "E8D50F7A-2290-49A1-AB7B-F1FCD5035599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:digital_senders:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F654546-9F2E-4B1B-AAF6-54D799317C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:edgeline_printers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A17E5A0-9342-49BD-BBD7-E8A90FC42EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "322C9A6C-C3A6-4058-861C-882B68443744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA365AAC-C67A-43FE-A419-E3B5B0BAEA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB27B7D-AAC8-4FEC-98C4-FC613E9CA36F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1012:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581AB2AA-1731-4142-822A-5F40DFA2C34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCE831-3508-4059-9579-91DA526902B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F27B109-9BCA-4D72-A21C-B6D70F1AD7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1018s:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF6A641-E205-4290-97E2-34A3B3E9672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FD0F5B-F181-46AC-BE66-642E4CD60FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1020_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B0A4A9-60C2-4CEC-B531-50C086173DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B05D9690-22E6-4E89-A5A7-42B28BD043DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCA67FA-E8B9-4D9E-B0F3-58B0A1B183B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1022nw:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09FB44-FFEE-4AB0-A2E0-C470F20733EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A25D1906-E45D-465B-B481-8C9B88FF37ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E25BDF8F-F1B9-4A3E-A220-E72B306CF21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1160:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E04FA759-550C-4C08-BBF3-1B8F512DEBB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D562B5-09B6-4D0E-9816-4DC9C193FCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB12831-81B7-4B6E-9D80-259A474F38E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_1320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0645FD3F-1F42-4355-8430-D2B3F8740A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3D3A6-7594-4306-A7C1-997328468C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3C0E33-D115-4BCB-818E-92E5655AB8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "224C6B7D-DEAF-4B0D-93BA-BC5BF9517009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C69367D0-1B9A-4615-9F4A-2F76596BA8EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A842F761-7AC1-4FE6-9D8E-D4E812971371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3BC003-8116-475C-8816-DCD46E0184DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2300dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8A93AE-C3A9-4714-A6FB-C855C9F439C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2400:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89A6F96-4A4A-4877-8E95-700CBAE663CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2410:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B34898C-6B9F-4DEF-9D9E-B7BA52F95A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2420:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3029F65D-88C0-4BC4-91D6-594474F022B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F804968D-0241-4C20-BAAC-684BA46B67F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2430:20070410_08.112.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BB1543-E25E-4F77-8F53-ADC38FE3B81D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71F75D41-DFB3-4FD2-A883-BBA8964D84D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2500c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB83B8ED-0A0A-45C2-9A4F-BF85F97C114E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F0E663-70A4-405C-B37E-60E24DDC6383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_2600n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A10474D2-F8D9-40B8-8E19-4741BDA55A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4042B85B-8BA8-49C8-8C72-ED4B12D10C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE1760-B9BD-4002-BA5C-0AFC4A2FBFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EBF17F-331F-42D1-AC33-C5F60FF1C865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4\\/4m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96CB43B7-7CA2-4B8A-98D9-377F615F61E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4_plus\\/m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DBBC2B-C054-46AD-9ABD-249216ED513F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659DFCA6-CF7D-4982-913B-6BF1B3DC5F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4000n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02138F3E-4F3C-4607-BBB1-98D09B3C7F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE6DC20-0757-4CF8-AB85-265C5264630F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549105CC-BA47-4C39-8B8A-9CAC39266B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE20791A-6CDA-46D0-8149-82F7D21662BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4100mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75525D7F-A881-4199-B44D-8E2D1B4809FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4993667F-9DE8-4DC9-90B1-A6D3AB6BFB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED01DD0-7485-48E8-96E1-598DA0981525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4200ln:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BCFB30-7322-4ABE-9529-CC10DA54F752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD9E6F-1F64-4643-B8E5-B3CAB5F961B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42459D1C-B860-4622-BA74-C6AF5446D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F315232A-2DBB-4BE6-AB1E-0CCB327E19E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D180CB2E-F05A-4B9C-837B-605A00086A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B4B141B-3358-469D-8331-88C5924763EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF801E-6D02-4CDF-AA6F-9F272D341E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345mfp:20081211_09.131.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27CB3F95-8653-4CDB-BD81-53CA6D126512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850BE715-BC0F-4873-9A72-6AED6259FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:20080319_08.015.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03FD53-A1CA-4BD4-A87A-520D9782CEE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECA83D8E-3D70-4021-B9FD-F97BC8C92039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4650dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2681DAAE-9DD4-4F25-B947-C676F868B854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4l\\/ml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7085C4E6-A34F-49E6-99EE-547861A25098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4m_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B0F639A-C9F6-41E4-83BD-8097659ABEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B67CAF7-6CDC-4074-BE55-2D898F1CF3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31DD8C9E-1738-456D-A22C-CB0C760E3712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4v\\/mv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05A010D1-588F-4EC5-9BE2-ADA22D399D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93BAAE8B-718E-4C6D-BAED-3F435D1C66A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5\\/m\\/n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26BD8388-3357-435C-8430-9D6CFE52D65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_500_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F132B58-AF99-4E26-BEFB-C970AC9FCBB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D220CD8-FB19-424D-B223-101098BE9088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.15:*:*:*:*:*:*:*",
"matchCriteriaId": "157C92C4-2217-4A53-B70D-16D2171E7ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5000:r.25.47:*:*:*:*:*:*:*",
"matchCriteriaId": "776C077B-32E5-45AD-866C-9C7FBEDF9631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F236F-7EC3-440B-8FF4-362729EF0807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100:v.29.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D29E506F-B2B1-466C-9DAA-C8DFB643F036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5100dtn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1E2E0-6832-4DE2-B793-BC8B2F3BF431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "977F2612-D1DE-4EAD-99ED-CF6FFD1D5B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5l:*:*:*:*:*:*:*:*",
"matchCriteriaId": "212422DE-F76F-4418-89E5-B3826047A852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5m:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78907BCD-E0C8-44A0-85B7-0B5148AA8AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5p\\/mp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76199C42-EF30-4F0B-9D7E-5C546001888E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5si:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8D6D65-3CA2-41E8-A8F8-B7C7BC24F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1072358B-3C6C-45EB-83B0-22833A96741A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC8DA70-8669-4522-BEF7-C4595E142467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F94DFDFD-0CEA-4EC5-8E7D-0548DCAE5563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_8150dn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24852945-2734-468C-8DC7-5C9EBF2301FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C64CAE-6CC4-4B92-9364-F982CDF47F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F0E00FE-F3DB-45C2-81AE-D7189559BD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9000mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81556F50-ED68-4774-A208-E16286BC2F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D74F55-65F6-4328-B553-2756A75B777E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA65ABF-3241-48B5-B89A-031B09B8C129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEA0FE9-F42F-4ECC-92E4-E404545CB0CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A03C331E-BCF9-4226-ACB5-4CA4C85847F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1FEDCF-C604-49B3-B748-03BE3193792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D06ADE7A-F615-475F-A6FB-977D51C8BD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDA57B8-2AD5-45EF-9824-E60EBFF71D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2623A6-2DA1-4877-A5D8-3C9001FDC648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050mfp:20080204_08.110.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3919FF01-7E93-4F35-826D-542DFD6E85B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7381DEDB-71A9-4882-B9DA-AFDC31D907C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F48F4812-7441-428B-B44A-E85AC64330D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9755F699-E5F7-424C-B84A-119E19A1E413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9500mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B8D80A-5E64-4ADD-98F7-2CD913EF151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_ii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502E0F4F-8103-431C-BDCD-07FAA44DB035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F17C5B7-FFE3-4FE6-A4AD-3EABCF9FCE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iii:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F0EC84F-57BB-44D0-A05D-67AE5CD6652B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DA3E91-824D-4167-9990-8CED8E247DBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B46B3AA1-0D4D-418B-A36B-2B38F642F798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iiisi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5EE77A-D014-4366-8D5B-251D09CC2DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040C7DA9-9FF6-4772-82D4-2ED2BE01D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_iip_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD91F67B-C52F-4AED-8E02-B955F495BD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m1522n_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8D0A1B-4F76-4403-B18E-464C33169CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95CC32-07DA-473D-BDAC-347B137E582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3DE1F-AA79-4FE8-B634-368BDF14C0B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E2ECB0-2335-4ABD-8326-CF935E8C4C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55C69873-A989-4B66-8D28-67A260EC7A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEA9582-8E01-41D3-A4D0-FA7BB2C98CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46628FAF-9819-4A6F-93BD-39E0650930E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C243A3-FA2C-414D-9530-CF50E65A6D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "169C56AB-5565-4A4A-B298-B1FAC40D23CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "931B6ACB-81B3-4406-834B-DFA85FC8871A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "641D5E03-1FCD-4404-A37B-586262DCF863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1009:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8AA6A9-855C-436C-AE9D-217598516DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69DEDFF4-B9B1-4B31-BE32-1E44C19A5D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C4D0A5-B51C-4122-8BB7-705474A1E709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p1505n:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049D53B4-920A-4BFC-A007-1DF3648C37A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE3B2A8-ABE6-464B-B9E2-E1122EDEA3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F52C858-CFB9-4CE0-9C3C-3672F03B1850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218E5994-4BF9-4B5F-ABAE-0AB85495B8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2030:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FCB0F1-6395-4B9E-99C6-9C919C62EB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p2050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF93B01-EEEE-4ACF-B7C0-55F17996543E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6E5576-6764-4534-A405-67B01F4018FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BED71C7-C0A7-4934-9930-1EC7C5A96584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "612ACC73-A274-46B1-AEC6-9EBAF1E38D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*",
"matchCriteriaId": "222D062D-1F47-4E21-9173-A5AFEEF66482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFBC095-00B6-48D7-AC0A-C172DD3A550B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D468AA7E-BA93-4523-B6AA-B542E714A17F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D87FDEEF-E459-4C0E-AA61-6DE9E2D73234",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders, permiten a atacantes remotos (1) imprimir documentos mediante vectores desconocidos, (2) modificar la configuraci\u00f3n de red mediante una petici\u00f3n NetIPChange a hp/device/config_result_YesNo.html/config o (3) cambiar la contrase\u00f1a mediante los par\u00e1metros Password y ConfirmPassword a hp/device/set_config_password.html/config."
}
],
"id": "CVE-2009-0940",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T21:00:00.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52847"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52848"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52849"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0754"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-0161
Vulnerability from fkie_nvd - Published: 2007-01-10 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | pml_driver_hpz12 | * | |
| hp | color_laserjet_4650 | * | |
| hp | officejet_4100 | * | |
| hp | officejet_5100 | * | |
| hp | officejet_5500 | * | |
| hp | officejet_6100 | * | |
| hp | officejet_7100 | * | |
| hp | officejet_d | * | |
| hp | officejet_g | * | |
| hp | officejet_k | * | |
| hp | psc_1100 | * | |
| hp | psc_1200 | * | |
| hp | psc_1210_all-in-one | * | |
| hp | psc_1300 | * | |
| hp | psc_2100 | * | |
| hp | psc_2200 | * | |
| hp | psc_2400_photosmart_all-in-one | * | |
| hp | psc_2500_photosmart_all-in-one | * | |
| hp | psc_2510_photosmart | * | |
| hp | psc_700 | * | |
| hp | psc_900 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:pml_driver_hpz12:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21A1431A-1719-4828-87FF-5D0C46411811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4650:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F03F783-0CFE-488A-A392-2866D56E5E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2059775-C26F-4EA1-A0CD-76D0843268EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC4816F-91F4-4131-BB29-1B2EE569CB00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "009392C1-99E4-4708-84D8-E88EC045BBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_6100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA7536D-A06E-482F-B153-5FAD99DB158A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_7100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9F99A8-7C20-4C55-9801-8BEEF55BF576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0F58C6-F5A2-4AB5-ACE7-BA1582A26EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_g:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93EF648B-6890-4B2F-B8EA-E3578E7DBF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_k:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4B6410-406E-4F43-A783-C94A49145860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F42B35-8D35-4E41-A0AF-7278E95BE86B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_1200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A51D1382-EFDB-414F-AC19-E6FB30271E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_1210_all-in-one:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABA922B-64D0-43E6-B56A-3865D00B4F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_1300:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D604DCBF-3222-490E-98C5-6EAD445C788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_2100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2BEF61-07F7-482D-9CCB-4211FA014646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_2200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD2A2CF7-8925-4275-A12E-24DDEF16E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_2400_photosmart_all-in-one:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A108C79-F5C9-4495-ADDB-674AC01EBD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_2500_photosmart_all-in-one:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15D81080-0AF2-4376-B920-26090B65D625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_2510_photosmart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09141A74-EB5A-4303-8F66-D67D55DA9F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43CEAFD2-3C9A-4015-984A-DAAAAB92A5D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:psc_900:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF634DFE-2351-4689-A82D-F23F5FF35F86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023."
},
{
"lang": "es",
"value": "El controlador PML HPZ12 (HPZipm12.exe) en los controladores todo en uno de HP, usado en m\u00faltiples productos HP, utiliza permisos no seguros SERVICE_CHANGE_CONFIG DACL, lo cual permite a un usuario local ganar privilegios y ejecutar programas de su elecci\u00f3n, como se demostr\u00f3 con la modificaci\u00f3n del argumento binpath, un asunto relacionado con CVE-2006-0023."
}
],
"id": "CVE-2007-0161",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-10T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32654"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23663"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2128"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-0940 (GCVE-0-2009-0940)
Vulnerability from cvelistv5 – Published: 2009-03-18 20:35 – Updated: 2024-08-07 04:57
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52847"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52847"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"refsource": "OSVDB",
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"refsource": "OSVDB",
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"refsource": "OSVDB",
"url": "http://osvdb.org/52847"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0940",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0941 (GCVE-0-2009-0941)
Vulnerability from cvelistv5 – Published: 2009-03-18 20:35 – Updated: 2024-08-07 04:57
VLAI?
Summary
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0941",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0161 (GCVE-0-2007-0161)
Vulnerability from cvelistv5 – Published: 2007-01-10 00:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2128",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"refsource": "OSVDB",
"url": "http://osvdb.org/32654"
},
{
"name": "http://secway.org/advisory/AD20070108.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0161",
"datePublished": "2007-01-10T00:00:00",
"dateReserved": "2007-01-09T00:00:00",
"dateUpdated": "2024-08-07T12:12:17.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0940 (GCVE-0-2009-0940)
Vulnerability from nvd – Published: 2009-03-18 20:35 – Updated: 2024-08-07 04:57
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52847"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52847"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "52848",
"refsource": "OSVDB",
"url": "http://osvdb.org/52848"
},
{
"name": "34143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34143"
},
{
"name": "52849",
"refsource": "OSVDB",
"url": "http://osvdb.org/52849"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
},
{
"name": "52847",
"refsource": "OSVDB",
"url": "http://osvdb.org/52847"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0940",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0941 (GCVE-0-2009-0941)
Vulnerability from nvd – Published: 2009-03-18 20:35 – Updated: 2024-08-07 04:57
VLAI?
Summary
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0754",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0754",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0754"
},
{
"name": "HPSN-2009-001",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566"
},
{
"name": "20090316 HP Laserjet multiple models web management CSRF vulnerability \u0026 insecure default configuration",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501884/100/0/threaded"
},
{
"name": "http://www.louhinetworks.fi/advisory/HP_20090317.txt",
"refsource": "MISC",
"url": "http://www.louhinetworks.fi/advisory/HP_20090317.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0941",
"datePublished": "2009-03-18T20:35:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0161 (GCVE-0-2007-0161)
Vulnerability from nvd – Published: 2007-01-10 00:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:17.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2128",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2128",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2128"
},
{
"name": "pml-driver-config-privilege-escalation(31361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31361"
},
{
"name": "23663",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23663"
},
{
"name": "ADV-2007-0094",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0094"
},
{
"name": "32654",
"refsource": "OSVDB",
"url": "http://osvdb.org/32654"
},
{
"name": "http://secway.org/advisory/AD20070108.txt",
"refsource": "MISC",
"url": "http://secway.org/advisory/AD20070108.txt"
},
{
"name": "21935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21935"
},
{
"name": "20070108 HP Multiple Products PML Driver Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456259/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0161",
"datePublished": "2007-01-10T00:00:00",
"dateReserved": "2007-01-09T00:00:00",
"dateUpdated": "2024-08-07T12:12:17.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}