HP LaserJet Printers Multiple Vulnerabilities (CVE-2012-3273)

Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware before 20120625 and LaserJet 400 M401 with firmware before 20120621 allow remote attackers to obtain sensitive information via unknown vectors. This plugin only works with Tenable.ot. Please visit...

HP LaserJet Printers Missing Authorization (CVE-2013-4807)

Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 20130703 allows remote attackers to modify data via unknown vectors. This plugin only works with Tenable.ot. Please...

HP LaserJet Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-4829)

HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors. This plugin only...

HP LaserJet Printers Denial of Service (CVE-2012-5215)

Unspecified vulnerability on the HP LaserJet Pro M1212nf, M1213nf, M1214nfh, M1216nfh, M1217nfw, and M1219nf, and HotSpot LaserJet Pro M1218nfs, with firmware before 20130211; LaserJet Pro CP1025nw with firmware before 20130212; and LaserJet Pro P1102w and P1606dn with firmware before 20130213...

HP LaserJet Printers Path Traversal (CVE-2010-4107)

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers...

HP LaserJet Denial of Service (CVE-2009-3842)

Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain access to data or cause a denial of service via unknown vectors. This plugin only works with...

HP Printer Cross-Site Request Forgery (CVE-2009-0940)

Multiple cross-site request forgery CSRF vulnerabilities in the HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that 1 print documents via unknown vectors, 2 modif...

HP Printer Buffer Overflow (CVE-2006-6742)

Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service device crash via a long string in the 1 LIST or 2 NLST...

HP Color LaserJet Exposure of Sensitive Information to an Unauthorized Actor (CVE-2005-2988)

HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. This plugin only works with Tenable.ot. Please visit...

HP Color LaserJet Path Traversal (CVE-2006-1654)

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. dot dot in an HTTP GET request to TCP port 5225. This plugin only works with Tenable.ot. Please vis...

HP Color LaserJet Missing Authentication for Critical Function (CVE-2004-2439)

The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...

CVE-2019-18916

A potential security vulnerability has been identified for HP LaserJet Solution Software for certain HP LaserJet Printers which may lead to unauthorized elevation of privilege on the client...

CVE-2024-2301

Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting XSS attack via the web management interface of the device...

CVE-2025-1004

Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP Internet Printing Protocol...

HP LaserJet Printers Buffer Copy without Checking Size of Input (CVE-2023-1329)

A potential security vulnerability has been identified for certain HP multifunction printers MFPs. The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. This plugin only works with Tenable.ot. Please visit...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41182)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41184)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2023-5113)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Printers Improper Neutralization of Input During Web Page Generation (CVE-2021-41183)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

HP LaserJet Pro Printers Information Disclosure (HPSBPI04074)

Certain HP LaserJet Pro print products is potentially vulnerable to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...