CVE-2004-1856

HP Web JetAdmin 7.5.2546 - File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1856. PoCs published by wirepair.

AI-analyzed exploit summary The provided text describes a file upload vulnerability in HP Web Jetadmin's printer firmware update script, which could allow remote code execution if combined with other vulnerabilities like directory traversal. It lacks actual exploit code but details the vulnerability and affected version.

Description

devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.

Exploits (1)

exploitdb WRITEUP VERIFIED

by wirepair · textremotewindows

https://www.exploit-db.com/exploits/23878

View Code ZIP pw:eip

The provided text describes a file upload vulnerability in HP Web Jetadmin's printer firmware update script, which could allow remote code execution if combined with other vulnerabilities like directory traversal. It lacks actual exploit code but details the vulnerability and affected version.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: HP Web Jetadmin 7.5.2546

Auth required

Prerequisites: Network access to the target · Valid credentials if authentication is enabled

MITRE ATT&CK