|
2009-03-18
|
CVE-2009-0941
|
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
|
8100c_digital_sender, 9100c_digital_sender, 9200c_digital_sender, 9250c_digital_sender, Color_laserjet, Color_laserjet_1500, Color_laserjet_2500, Color_laserjet_2500l, Color_laserjet_2500lse, Color_laserjet_2500n, Color_laserjet_2500tn, Color_laserjet_2605dtn, Color_laserjet_4370mfp, Color_laserjet_4600, Color_laserjet_4600dn, Color_laserjet_4600dtn, Color_laserjet_4600hdn, Color_laserjet_4650, Color_laserjet_4700, Color_laserjet_4730_mfp, Color_laserjet_5500, Color_laserjet_5550, Color_laserjet_8500, Color_laserjet_8550, Color_laserjet_9500, Color_laserjet_9500_mfp, Color_laserjet_9500mfp, Color_mfp_cm8050, Color_mfp_cm8060, Digital_senders, Edgeline_printers, Laserjet_1000, Laserjet_1005, Laserjet_1010, Laserjet_1012, Laserjet_1015, Laserjet_1018, Laserjet_1018s, Laserjet_1020, Laserjet_1020_plus, Laserjet_1022, Laserjet_1022n, Laserjet_1022nw, Laserjet_1100, Laserjet_1150, Laserjet_1160, Laserjet_1200, Laserjet_1300, Laserjet_1320, Laserjet_2, Laserjet_2000, Laserjet_2100, Laserjet_2200, Laserjet_2200dtn, Laserjet_2300, Laserjet_2300dn, Laserjet_2400, Laserjet_2410, Laserjet_2420, Laserjet_2430, Laserjet_2500, Laserjet_2500c, Laserjet_2600c, Laserjet_2600n, Laserjet_3000, Laserjet_3700, Laserjet_4, Laserjet_4000, Laserjet_4000n, Laserjet_4050, Laserjet_4100, Laserjet_4100_mfp, Laserjet_4100mfp, Laserjet_4200, Laserjet_4200dtn, Laserjet_4200ln, Laserjet_4240, Laserjet_4240n, Laserjet_4250, Laserjet_4300, Laserjet_4345_mfp, Laserjet_4345mfp, Laserjet_4350, Laserjet_4350dtn, Laserjet_4650dn, Laserjet_4\/4m, Laserjet_4_plus\/m_plus, Laserjet_4l\/ml, Laserjet_4m_plus, Laserjet_4p\/mp, Laserjet_4si, Laserjet_4v\/mv, Laserjet_5, Laserjet_5000, Laserjet_500_plus, Laserjet_5100, Laserjet_5100dtn, Laserjet_5200, Laserjet_5\/m\/n, Laserjet_5l, Laserjet_5m, Laserjet_5p\/mp, Laserjet_5si, Laserjet_8000, Laserjet_8100, Laserjet_8150, Laserjet_8150dn, Laserjet_9000, Laserjet_9000_mfp, Laserjet_9000mfp, Laserjet_9040, Laserjet_9040mfp, Laserjet_9050, Laserjet_9050_mfp, Laserjet_9050mfp, Laserjet_9055, Laserjet_9065, Laserjet_9500, Laserjet_9500mfp, Laserjet_ii, Laserjet_iid, Laserjet_iii, Laserjet_iiid, Laserjet_iiip, Laserjet_iiisi, Laserjet_iip, Laserjet_iip_plus, Laserjet_m1522n_mfp, Laserjet_m3027_mfp, Laserjet_m3035_mfp, Laserjet_m4345_mfp, Laserjet_m5025_mfp, Laserjet_m5035_mfp, Laserjet_p1000, Laserjet_p1005, Laserjet_p1006, Laserjet_p1007, Laserjet_p1008, Laserjet_p1009, Laserjet_p1500, Laserjet_p1505, Laserjet_p1505n, Laserjet_p2000, Laserjet_p2010, Laserjet_p2015, Laserjet_p2030, Laserjet_p2050, Laserjet_p3000, Laserjet_p3005, Laserjet_p4010, Laserjet_p4014, Laserjet_p4015, Laserjet_p4500, Laserjet_p4510
|
N/A
|
|
|
|
2009-03-18
|
CVE-2009-0940
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to...
|
8100c_digital_sender, 9100c_digital_sender, 9200c_digital_sender, 9250c_digital_sender, Color_laserjet, Color_laserjet_1500, Color_laserjet_2500, Color_laserjet_2500l, Color_laserjet_2500lse, Color_laserjet_2500n, Color_laserjet_2500tn, Color_laserjet_2605dtn, Color_laserjet_4370mfp, Color_laserjet_4600, Color_laserjet_4600dn, Color_laserjet_4600dtn, Color_laserjet_4600hdn, Color_laserjet_4650, Color_laserjet_4700, Color_laserjet_4730_mfp, Color_laserjet_5500, Color_laserjet_5550, Color_laserjet_8500, Color_laserjet_8550, Color_laserjet_9500, Color_laserjet_9500_mfp, Color_laserjet_9500mfp, Color_mfp_cm8050, Color_mfp_cm8060, Digital_senders, Edgeline_printers, Laserjet_1000, Laserjet_1005, Laserjet_1010, Laserjet_1012, Laserjet_1015, Laserjet_1018, Laserjet_1018s, Laserjet_1020, Laserjet_1020_plus, Laserjet_1022, Laserjet_1022n, Laserjet_1022nw, Laserjet_1100, Laserjet_1150, Laserjet_1160, Laserjet_1200, Laserjet_1300, Laserjet_1320, Laserjet_2, Laserjet_2000, Laserjet_2100, Laserjet_2200, Laserjet_2200dtn, Laserjet_2300, Laserjet_2300dn, Laserjet_2400, Laserjet_2410, Laserjet_2420, Laserjet_2430, Laserjet_2500, Laserjet_2500c, Laserjet_2600c, Laserjet_2600n, Laserjet_3000, Laserjet_3700, Laserjet_4, Laserjet_4000, Laserjet_4000n, Laserjet_4050, Laserjet_4100, Laserjet_4100_mfp, Laserjet_4100mfp, Laserjet_4200, Laserjet_4200dtn, Laserjet_4200ln, Laserjet_4240, Laserjet_4240n, Laserjet_4250, Laserjet_4300, Laserjet_4345_mfp, Laserjet_4345mfp, Laserjet_4350, Laserjet_4350dtn, Laserjet_4650dn, Laserjet_4\/4m, Laserjet_4_plus\/m_plus, Laserjet_4l\/ml, Laserjet_4m_plus, Laserjet_4p\/mp, Laserjet_4si, Laserjet_4v\/mv, Laserjet_5, Laserjet_5000, Laserjet_500_plus, Laserjet_5100, Laserjet_5100dtn, Laserjet_5200, Laserjet_5\/m\/n, Laserjet_5l, Laserjet_5m, Laserjet_5p\/mp, Laserjet_5si, Laserjet_8000, Laserjet_8100, Laserjet_8150, Laserjet_8150dn, Laserjet_9000, Laserjet_9000_mfp, Laserjet_9000mfp, Laserjet_9040, Laserjet_9040mfp, Laserjet_9050, Laserjet_9050_mfp, Laserjet_9050mfp, Laserjet_9055, Laserjet_9065, Laserjet_9500, Laserjet_9500mfp, Laserjet_ii, Laserjet_iid, Laserjet_iii, Laserjet_iiid, Laserjet_iiip, Laserjet_iiisi, Laserjet_iip, Laserjet_iip_plus, Laserjet_m1522n_mfp, Laserjet_m3027_mfp, Laserjet_m3035_mfp, Laserjet_m4345_mfp, Laserjet_m5025_mfp, Laserjet_m5035_mfp, Laserjet_p1000, Laserjet_p1005, Laserjet_p1006, Laserjet_p1007, Laserjet_p1008, Laserjet_p1009, Laserjet_p1500, Laserjet_p1505, Laserjet_p1505n, Laserjet_p2000, Laserjet_p2010, Laserjet_p2015, Laserjet_p2030, Laserjet_p2050, Laserjet_p3000, Laserjet_p3005, Laserjet_p4010, Laserjet_p4014, Laserjet_p4015, Laserjet_p4500, Laserjet_p4510
|
N/A
|
|
|