3863 matches found
Not to ignore the printer vulnerability research-exploit warning-the black bar safety net
0×01 Preface After a recent period of time of the test, found within the enterprise network printer there are a variety of vulnerabilities, but also often been ignored, hence this article's research. When a printer connected to the network, you can conduct a port scan, read and write to upload a...
CVE-2019-5016
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory...
CVE-2019-5017
An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenticated, remote attacker can craft and send a...
CVE-2019-5016
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory...
Memory corruption
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory...
CVE-2019-5017
CVE-2019-5017 concerns KCodes NetUSB.ko in NETGEAR Nighthawk/other routers. The TALOS advisories confirm an unauthenticated remote kernel information-disclosure vulnerability in NetUSB.ko that can return multiple addresses, including a base address for NetUSB.ko (e.g., 0xBF111000) via crafted pac...
CVE-2019-5016
An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory...
CVE-2019-5016
CVE-2019-5016 is a KCodes NetUSB.ko kernel module vulnerability used by NETGEAR Nighthawk routers (and potentially other vendors) that allows unauthenticated remote memory reads via a crafted index in the NetUSB protocol. The underlying issue is an out-of-bounds/invalid memory read that could lea...
CVE-2019-6324
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...
CVE-2019-6326
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow...
Cross site scripting
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...
Buffer overflow
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an IPP Parser potentially vulnerable to Buffer Overflow...
Buffer overflow
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow...
CVE-2019-6326
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have embedded web server attributes which may be potentially vulnerable to Buffer Overflow...
CVE-2019-6326
CVE-2019-6326 affects HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before v20190426). The vulnerability is a Buffer Overflow in the device’s embedded web server, triggered by processing memory operations without pr...
CVE-2019-6325
CVE-2019-6325 affects HP Color LaserJet Pro M280-M281 Multifunction Printer series (before 20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before 20190426). The vulnerability is a Cross-Site Request Forgery in the printer’s embedded web server. HP’s advisory (HPSBPI03619 rev. 2) notes t...
CVE-2019-6324
HP Color LaserJet Pro M280-M281 Multifunction Printer series before v. 20190419, HP LaserJet Pro MFP M28-M31 Printer series before v. 20190426 may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page...
CVE-2019-6324
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before 20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before 20190426) are affected by a stored XSS in the wireless configuration page due to insufficient input validation on the embedded web server. This could allow an atta...
CVE-2019-6323
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before 20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before 20190426) expose a vulnerability in the embedded web server’s wireless configuration page that allows reflected cross-site scripting (XSS). Root cause: lack of pro...
KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability
Summary An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. An unauthenticated, remote attacker can craft and se...