Lucene search
K

92 matches found

Malwarebytes
Malwarebytes
added 2018/11/05 5:37 p.m.100 views

A week in security (October 29 – November 4)

Last week on Malwarebytes Labs, we looked at a rogue cryptocurrency app installing backdoors, took a dive into the world of printer security, explored browser privacy tweaks, highlighted a music festival–themed breach, and introduced Malwarebytes for Chromebook. Other cybersecurity news Memory...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/30 4:0 p.m.56 views

Removing the jam in your printer security

Printers are an important, invisible—albeit sometimes loud—component of the office. But all too often they’re filled with mystery meat icons, peculiar blinking lights, or error messages with no instruction manual to hand. No problem, you can just print at the next station! Wrong. Printers also...

6.8AI score
Exploits0
0day.today
0day.today
added 2018/09/25 12:0 a.m.46 views

RICOH MP C2003 Printer Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH MP C2003 Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

0.1AI score0.01EPSS
Exploits3
Packet Storm
Packet Storm
added 2018/09/25 12:0 a.m.54 views

RICOH MP C6503 Plus Printer Cross Site Scripting

Exploit Title: RICOH MP C6503 Plus Printer - HTML Injection and Stored XSS Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

0.4AI score0.01EPSS
Exploits3
0day.today
0day.today
added 2018/08/28 12:0 a.m.47 views

RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH MP C4504ex Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

0.7AI score0.02505EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/08/27 12:0 a.m.65 views

HP Jetdirect Path Traversal Arbitrary Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description' = %q The module exploits a path traversal via...

10CVSS0.6AI score0.84614EPSS
Exploits6
The Hacker News
The Hacker News
added 2018/08/14 10:35 a.m.2 views

Hackers can compromise your network just by sending a Fax

What maximum a remote attacker can do just by having your Fax machine number? Believe it or not, but your fax number is literally enough for a hacker to gain complete control over the printer and possibly infiltrate the rest of the network connected to it. Check Point researchers have revealed...

9.8CVSS9AI score0.12227EPSS
Exploits1
HackRead
HackRead
added 2018/08/04 8:42 p.m.6 views

HP Bug Bounty Program: Hack HP Printers & Earn Up To $10,000

By Uzair Amir HP Discloses its Bug Bounty Program and Here’s What You Need To Know. The Palo Alto Calif. based HP Inc., has disclosed what it terms as the industry’s first-ever bug bounty program, which has been launched to inspect printer security relates issues. The print security bug bounty...

7AI score
Exploits0
CNVD
CNVD
added 2018/08/02 12:0 a.m.1 views

Command Execution Vulnerability in HP LaserJet Professional P1600 Series Printers

HP LaserJet Professional P1600 is a printer series developed by Hewlett-Packard. A command execution vulnerability exists in the HP LaserJet Professional P1600 series of printers. An attacker could exploit the vulnerability to execute commands and gain server privileges...

7.6AI score
Exploits0
ThreatPost
ThreatPost
added 2018/07/31 2:42 p.m.16 views

HP Offers Up to $10,000 Rewards for Printer Bugs

HP launched a bug bounty program for printers Tuesday, with a max payout of $10,000 a vulnerability. The company, which has partnered with Bugcrowd to offer between $500 and $10,000 for bug discoveries, said that it marks the first-ever bug bounty program for printers. “HP has offered a way for...

8.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2018/07/10 12:0 a.m.43 views

Debian: Security Advisory (DSA-4243-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.00878EPSS
Exploits0References4
NVD
NVD
added 2018/06/26 4:29 p.m.14 views

CVE-2018-1000537

Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp Depending on branch/version that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer...

9.8CVSS9.6AI score0.03429EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.34 views

CVE-2018-1000537

Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp Depending on branch/version that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer...

9.6AI score0.03429EPSS
Exploits0References2
0day.today
0day.today
added 2018/06/13 12:0 a.m.32 views

Canon LBP7110Cw - Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Canon LBP7110Cw - Authentication Bypass Exploit Author: Huy Kha Vendor Homepage: http://global.canon.com Version: LBP7110Cw CVE: CVE-2018-12049 Severity: High Leads to full System Manager Mode account take-over Description ...

0.1AI score0.05182EPSS
Exploits6
Packet Storm
Packet Storm
added 2018/06/12 12:0 a.m.42 views

Canon LBP6030w Authentication Bypass

Exploit Title: Canon LBP6030w - Authentication Bypass Date: 2018-06-07 Exploit Author: Huy Kha Vendor Homepage: http://global.canon.com Version: LBP6030w Severity: High Leads to full System Manager Mode account take-over CVE: CVE-2018-12049 Description : A remote attacker can bypass the System...

0.4AI score0.05182EPSS
Exploits6
OSV
OSV
added 2017/11/28 10:44 p.m.13 views

GHSA-5C8J-XR24-2665 Potential Command Injection in printer

Versions 0.0.1 and earlier of printer are affected by a command injection vulnerability resulting from a failure to sanitize command arguments properly in the printDirect function. Recommendation Update to version 0.0.2 or later...

9.8CVSS9.7AI score0.03826EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2017/06/14 12:0 a.m.41 views

HP PageWide Printers / HP OfficeJet Pro Printers (OfficeJet Pro 8210) - Arbitrary Code Execution

Create a bind shell on an unpatched OfficeJet 8210 Write a script to profile.d and reboot the device. When it comes back online then nc to port 1270. easysnmp instructions: sudo apt-get install libsnmp-dev pip install easysnmp import socket import sys from easysnmp import snmpset profiledscript =...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2017/06/05 3:30 p.m.65 views

PRET - Printer Exploitation Toolkit

PRET is a new tool for printer security testing developed in the scope of a Master's Thesis at Ruhr University Bochum. It connects to a device via network or USB and exploits the features of a given printer language. Currently PostScript, PJL and PCL are supported which are spoken by most laser...

7.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2017/01/31 12:0 a.m.71 views

Hacking Printers Advisory 1

TL;DR: In the scope of academic research on printer security, various vulnerabilities in network printers and MFPs have been discovered. This is advisory 1 of 6 of the Hacking Printers' series. Each advisory discusses multiple issues of the same category. This post is about manipulating and...

0.3AI score
Exploits0
CVE
CVE
added 2015/09/01 2:0 p.m.65 views

CVE-2015-6520

CVE-2015-6520 affects ippusbxd (cups-filters) prior to 1.22. The daemon listens on all interfaces, enabling remote attackers to access USB-connected printers via a direct request. Impact is local network exposure of printers; Ubuntu announced USN-2725-1 with a fix in cups-filters-ippusbxd 1.0.67-...

7.5CVSS6.4AI score0.02426EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder