CVE-2010-4107

🗓️ 17 Nov 2010 15:00:00Reported by hpType

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers enables remote attackers to read arbitrary files via a command inside a print job

Reporter	Title	Published	Views	Family All 25
0day.today	HP LaserJet Directory Traversal in PJL Interface	30 Nov 201000:00	–	zdt
0day.today	HP JetDirect PJL Interface Universal Path Traversal	7 Aug 201100:00	–	zdt
0day.today	HP Laser Jet - JavaScript Persistent XSS via PJL Directory Traversal	3 May 201400:00	–	zdt
Circl	CVE-2010-4107	29 Nov 201000:00	–	circl
Cvelist	CVE-2010-4107	17 Nov 201015:00	–	cvelist
Exploit DB	HP LaserJet - Directory Traversal in PJL Interface	29 Nov 201000:00	–	exploitdb
Exploit DB	HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)	7 Aug 201100:00	–	exploitdb
Exploit DB	HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal	23 Apr 201400:00	–	exploitdb
exploitpack	HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal	23 Apr 201400:00	–	exploitpack
exploitpack	HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)	7 Aug 201100:00	–	exploitpack

NVD

Node

hp 9000

hp color_laserjet_mfp

Source	Link
secunia	www.secunia.com/advisories/42238
vupen	www.vupen.com/english/advisories/2010/2987
exploit-db	www.exploit-db.com/exploits/15631
securityreason	www.securityreason.com/securityalert/8328
nruns	www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf
securitytracker	www.securitytracker.com/id
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/63261
securityfocus	www.securityfocus.com/bid/44882
itrc	www.itrc.hp.com/service/cki/docDisplay.do

29 Apr 2026 01:13Current

6.8Medium risk

Vulners AI Score6.8

CVSS 27.8

EPSS0.29972

CWE-22

hp laserjet mfp printers security vulnerability cve-2010-4107 filesystem remote attack nvd