QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4161

Published: Dec 1, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_HP

http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and+Profit/12112

x_refsource_MISC

vendor-advisory

x_refsource_HP

http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

[dailydave] 20111130 The Vampire Diaries

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.