CVE-2009-0941
HP Digital Sender and LaserJet Printers - Unauthenticated Access via Default Embedded Web Server
Title source: llmDescription
The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
References (4)
Core 4
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0754
Vendor Advisory vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01684566
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/501884/100/0/threaded
Vendor Advisory x_refsource_misc
http://www.louhinetworks.fi/advisory/HP_20090317.txt
Scores
EPSS
0.0093
EPSS Percentile
76.3%
Details
CWE
CWE-264
Status
published
Products (50)
hp/8100c_digital_sender
hp/9100c_digital_sender
hp/9200c_digital_sender
hp/9250c_digital_sender
hp/color_laserjet
hp/color_laserjet_1500
hp/color_laserjet_2500
hp/color_laserjet_2500l
hp/color_laserjet_2500lse
hp/color_laserjet_2500n
... and 40 more
Published
Mar 18, 2009
Tracked Since
Feb 18, 2026