Vulnerability CVE-2010-4107
Published: 2010-11-17   Modified: 2012-02-13

Description:
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.

See advisories in our WLB2 database:
Topic
Author
Date
High
HP JetDirect PJL Query Execution
Myo Soe
08.08.2011

Type:

CWE-22

 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
HP -> 9000 
HP -> Color laserjet mfp 
HP -> Laserjet 4100 
HP -> Laserjet 4200 
HP -> Laserjet 4300 
HP -> Laserjet 5100 
HP -> Laserjet 8150 
HP -> Laserjet mfp 

 References:
http://xforce.iss.net/xforce/xfdb/63261
http://www.vupen.com/english/advisories/2010/2987
http://www.securityfocus.com/bid/44882
http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333
http://www.exploit-db.com/exploits/15631
http://securitytracker.com/id?1024741
http://securityreason.com/securityalert/8328
http://secunia.com/advisories/42238
Copyright 2024, cxsecurity.com

 

Back to Top