The vulnerability of HP Color LaserJet Pro printer’s microprogramming software, related to the falsification of inter-site requests, allows a perpetrator to trigger a service failure.

The vulnerability of HP Color LaserJet Pro printer microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of HP Color LaserJet Pro printer microprogramming software, related to the falsification of inter-site requests, allows a perpetrator to compromise the confidentiality and integrity of protected information.

The vulnerability of HP Color LaserJet Pro printer microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability

Summary An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid...

Citrix PDF Printer Not Auto Creating With Workspace app for Chrome OS

Customer having an issue with Workspace on the Chromebooks. The "Citrix PDF Printer" is not auto creating when logging into a Windows 10 desktop session. The "Auto-Create PDF Universal Printer" policy is set to enabled, but it's not creating the printer when logging into a session. Logging in fro...

Windows 10 v2004, 20H2, 21H1, 21H2 & 22H2 – Citrix Known Issues

Microsoft releases software updates for Windows 10 twice a year through the Semi-Annual Channel. Microsoft released its Semi-Annual Channel 'May 2020 update' v2004 in May 2020,'October 2020 update'20H2 in October 2020, 'May 2021 update' 21H1 in May 2021, 'November 2021 update' 21H2 and '2022...

Samsung SCX-824 Cross-Site Scripting Vulnerability

The Samsung SCX-824 is a multifunction printer from Samsung South Korea. A cross-site scripting vulnerability exists in the Samsung SCX-824. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

CVE-2019-12315

Samsung SCX-824 printers allow a reflected Cross-Site-Scripting XSS vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter...

RICOH SP 4510DN Code Injection Vulnerability

The RICOH SP 4510DN is a multifunction printer from Ricoh Japan. A code injection vulnerability exists in the RICOH SP 4510DN, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the construction of a code segment, and c...

RICOH SP 4520DN Code Injection Vulnerability

The RICOH SP 4520DN is a multifunction printer from Ricoh Japan. A code injection vulnerability exists in the RICOH SP 4520DN, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the construction of a code segment, and c...

RICOH SP 4520DN Printer - HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4520DN Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.ht...

RICOH SP 4520DN Printer - HTML Injection

RICOH SP 4520DN Printer - HTML Injection Exploit Title: RICOH SP 4520DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.htm...

RICOH SP 4510DN Printer - HTML Injection

Exploit Title: RICOH SP 4510DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

RICOH SP 4520DN Printer - HTML Injection

Exploit Title: RICOH SP 4520DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

RICOH SP 4520DN Printer HTML Injection

Exploit Title: RICOH SP 4520DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

RICOH SP 4510DN Printer HTML Injection

Exploit Title: RICOH SP 4510DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

Information Disclosure

samba is vulnerable to information disclosure. This is due to the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by t...

Arbitrary Code Execution

Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. It was discovered that the unhtmlify function o...

Arbitrary Code Execution

Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. It was discovered that the unhtmlify function o...

Using Foxit Reader PDF Printer to achieve provided the right-vulnerability warning-the black bar safety net

Last year, I wrote an article about the Foxit Reader, tap the UAF vulnerability of the process, and how to exploit the vulnerability remote code execution attacks. After that, I'm in one of the articles described in Foxit Reader SDK ActiveX in a command injection vulnerability. The spirit does no...

CVE-2018-17168

PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery CSRF vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer Disable, Approve, etc...