CVE-2006-1654
HP Color LaserJet Toolbox - Directory Traversal via HTTP GET Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-1654. PoCs published by Richard Horsman.
AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in HP Color LaserJet 2500/4600 Toolbox, allowing arbitrary file retrieval via unsanitized input. The example URL demonstrates the exploit path but lacks executable code.
Description
Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.
Exploits (1)
The provided text describes a directory traversal vulnerability in HP Color LaserJet 2500/4600 Toolbox, allowing arbitrary file retrieval via unsanitized input. The example URL demonstrates the exploit path but lacks executable code.