Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

HP LaserJet Printers Insecure Default Initialization of Resource (CVE-2011-4161)

🗓️ 26 May 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 6 Views

HP printers with insecure default Remote Firmware Update enable remote code execution.

Related
Refs
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2011-4161
1 Dec 201121:00
cve
Cvelist		CVE-2011-4161
1 Dec 201121:00
cvelist
EUVD		EUVD-2011-4104
7 Oct 202500:30
euvd
Hewlett-Packard		HPSBPI02728 SSRT100692 rev.7 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default
28 Nov 201100:00
hp
Tenable Nessus		HP Printer Firmware Signing Disabled
1 Mar 201200:00
nessus
NVD		CVE-2011-4161
1 Dec 201121:55
nvd
Prion		Default configuration
1 Dec 201121:55
prion
securityvulns		[security bulletin] HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default
5 Dec 201100:00
securityvulns
securityvulns		Multiple HP printers unauthorized access
5 Dec 201100:00
securityvulns
securityvulns		HP LaserJet P3015 printer unauthorized access
11 Jan 201200:00
securityvulns
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(505354);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/28");

  script_cve_id("CVE-2011-4161");

  script_name(english:"HP LaserJet Printers Insecure Default Initialization of Resource (CVE-2011-4161)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The default configuration of the HP CM8060 Color MFP with Edgeline;
Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise
CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx,
Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555
MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which
allows remote attackers to execute arbitrary code by using a session
on TCP port 9100 to upload a crafted firmware update.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://support.hp.com/us-en/document/ish_10376801-10376836-16/hpsbpi02728
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75b11afe");
  # http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ff0fde5e");
  # http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?56a40c14");
  script_set_attribute(attribute:"see_also", value:"http://secunia.com/advisories/47063");
  script_set_attribute(attribute:"see_also", value:"http://www.kb.cert.org/vuls/id/717921");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/51324");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id?1026357");
  # https://lists.immunityinc.com/pipermail/dailydave/2011-November/000378.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dc20d51d");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-4161");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(1188);

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/12/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/12/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/05/26");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_100_color_mfp_m175");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_cp1025_color_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_p1102_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m1120_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_m1136_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp1210_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_m1212nf_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm1312_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm1312nfi_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m1319_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_cm1415_color_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p1500_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp1510_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m1522_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_cp1525_color_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_m1536_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_pro_p1606dn_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp2025");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p2035_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p2055_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm2320_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_2400_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m2727_multifunction_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_2800_all-in-one_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_3000");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p3005");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_enterprise_p3015");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m3027_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m3035_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp3505");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp3525");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm3530");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_3800");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp4005");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p4014");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p4015");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_4240");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_4250");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_4345_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m4345_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_4350");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_p4515");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_enterprise_cp4525");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_4700");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_4730_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm4730_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m5025_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m5035_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_5200l");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_5200n");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_professional_cp5225_printer_series");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_5550");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cp6015");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm6030");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_cm6040");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_9040");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_9040_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m9040_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_9050");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_9050_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:laserjet_m9050_multifunction_printer");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_9500");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:hp:color_laserjet_9500_multifunction_printer");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/HP");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/HP');

var asset = tenable_ot::assets::get(vendor:'HP');

var vuln_cpes = {
    "cpe:/h:hp:laserjet_pro_100_color_mfp_m175" :
        {"family" : "LaserJet", "versionEndExcluding" : "20111021"},
    "cpe:/h:hp:laserjet_pro_cp1025_color_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120130"},
    "cpe:/h:hp:laserjet_pro_p1102_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120130"},
    "cpe:/h:hp:laserjet_m1120_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120305"},
    "cpe:/h:hp:laserjet_pro_m1136_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120206"},
    "cpe:/h:hp:color_laserjet_cp1210_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120213"},
    "cpe:/h:hp:laserjet_pro_m1212nf_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120206"},
    "cpe:/h:hp:color_laserjet_cm1312_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120104"},
    "cpe:/h:hp:color_laserjet_cm1312nfi_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120104"},
    "cpe:/h:hp:laserjet_m1319_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120302"},
    "cpe:/h:hp:laserjet_pro_cm1415_color_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120216"},
    "cpe:/h:hp:laserjet_p1500_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120201"},
    "cpe:/h:hp:color_laserjet_cp1510_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120110"},
    "cpe:/h:hp:laserjet_m1522_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120123"},
    "cpe:/h:hp:laserjet_pro_cp1525_color_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20111215"},
    "cpe:/h:hp:laserjet_pro_m1536_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20111215"},
    "cpe:/h:hp:laserjet_pro_p1606dn_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120130"},
    "cpe:/h:hp:color_laserjet_cp2025" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120105"},
    "cpe:/h:hp:laserjet_p2035_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120105"},
    "cpe:/h:hp:laserjet_p2055_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120131"},
    "cpe:/h:hp:color_laserjet_cm2320_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120104"},
    "cpe:/h:hp:laserjet_2400_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.210.4"},
    "cpe:/h:hp:laserjet_m2727_multifunction_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120123"},
    "cpe:/h:hp:color_laserjet_2800_all-in-one_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20120307"},
    "cpe:/h:hp:color_laserjet_3000" :
        {"family" : "LaserJet", "versionEndExcluding" : "46.050.1"},
    "cpe:/h:hp:laserjet_p3005" :
        {"family" : "LaserJet", "versionEndExcluding" : "02.150.1"},
    "cpe:/h:hp:laserjet_enterprise_p3015" :
        {"family" : "LaserJetEnterprise", "versionEndExcluding" : "07.130.7"},
    "cpe:/h:hp:laserjet_m3027_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "48.241.2"},
    "cpe:/h:hp:laserjet_m3035_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "48.241.2"},
    "cpe:/h:hp:color_laserjet_cp3505" :
        {"family" : "LaserJet", "versionEndExcluding" : "03.130.2"},
    "cpe:/h:hp:color_laserjet_cp3525" :
        {"family" : "LaserJet", "versionEndExcluding" : "06.130.8"},
    "cpe:/h:hp:color_laserjet_cm3530" :
        {"family" : "LaserJet", "versionEndExcluding" : "53.171.4"},
    "cpe:/h:hp:color_laserjet_3800" :
        {"family" : "LaserJet", "versionEndExcluding" : "46.050.2"},
    "cpe:/h:hp:color_laserjet_cp4005" :
        {"family" : "LaserJet", "versionEndExcluding" : "46.190.3"},
    "cpe:/h:hp:laserjet_p4014" :
        {"family" : "LaserJet", "versionEndExcluding" : "04.160.9"},
    "cpe:/h:hp:laserjet_p4015" :
        {"family" : "LaserJet", "versionEndExcluding" : "04.160.9"},
    "cpe:/h:hp:laserjet_4240" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.220.3"},
    "cpe:/h:hp:laserjet_4250" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.220.3"},
    "cpe:/h:hp:laserjet_4345_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "09.270.1"},
    "cpe:/h:hp:laserjet_m4345_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "48.241.2"},
    "cpe:/h:hp:laserjet_4350" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.220.3"},
    "cpe:/h:hp:laserjet_p4515" :
        {"family" : "LaserJet", "versionEndExcluding" : "04.160.9"},
    "cpe:/h:hp:color_laserjet_enterprise_cp4525" :
        {"family" : "LaserJetEnterprise", "versionEndExcluding" : "07.111.0"},
    "cpe:/h:hp:color_laserjet_4700" :
        {"family" : "LaserJet", "versionEndExcluding" : "46.200.1"},
    "cpe:/h:hp:color_laserjet_4730_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "46.350.1"},
    "cpe:/h:hp:color_laserjet_cm4730_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "50.221.3"},
    "cpe:/h:hp:laserjet_m5025_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "48.241.2"},
    "cpe:/h:hp:laserjet_m5035_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "48.241.2"},
    "cpe:/h:hp:laserjet_5200l" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.181.1"},
    "cpe:/h:hp:laserjet_5200n" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.181.1"},
    "cpe:/h:hp:color_laserjet_professional_cp5225_printer_series" :
        {"family" : "LaserJet", "versionEndExcluding" : "20111220"},
    "cpe:/h:hp:color_laserjet_5550" :
        {"family" : "LaserJet", "versionEndExcluding" : "07.200.5"},
    "cpe:/h:hp:color_laserjet_cp6015" :
        {"family" : "LaserJet", "versionEndExcluding" : "04.151.0"},
    "cpe:/h:hp:color_laserjet_cm6030" :
        {"family" : "LaserJet", "versionEndExcluding" : "52.191.2"},
    "cpe:/h:hp:color_laserjet_cm6040" :
        {"family" : "LaserJet", "versionEndExcluding" : "52.191.2"},
    "cpe:/h:hp:laserjet_9040" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.221.5"},
    "cpe:/h:hp:laserjet_9040_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.260.1"},
    "cpe:/h:hp:laserjet_m9040_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "51.191.3"},
    "cpe:/h:hp:laserjet_9050" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.221.5"},
    "cpe:/h:hp:laserjet_9050_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.260.1"},
    "cpe:/h:hp:laserjet_m9050_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "51.191.3"},
    "cpe:/h:hp:color_laserjet_9500" :
        {"family" : "LaserJet", "versionEndExcluding" : "05.020.3"},
    "cpe:/h:hp:color_laserjet_9500_multifunction_printer" :
        {"family" : "LaserJet", "versionEndExcluding" : "08.260.1"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 May 2026 00:00Current
6.2Medium risk
Vulners AI Score6.2
CVSS 210
EPSS0.13953
remote firmware updatehp printersremote code execution
6