CVE-2010-4107

HP 9000 - Path Traversal

Title source: rule

Description

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack.

Exploits (4)

exploitdb WORKING POC VERIFIED

by n.runs AG · textremotehardware

https://www.exploit-db.com/exploits/15631

View Code ZIP pw:eip

exploitdb WORKING POC

by @0x00string · perlwebappshardware

https://www.exploit-db.com/exploits/32990

View Code ZIP pw:eip

exploitdb WORKING POC

by Myo Soe · rubyremotehardware

https://www.exploit-db.com/exploits/17636

View Code ZIP pw:eip

exploitdb WORKING POC

by Myo Soe · rubyremotehardware

https://www.exploit-db.com/exploits/17635

View Code ZIP pw:eip

References (9)

[Vendor Advisory] http://secunia.com/advisories/42238

[Various Sources] http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02004333

[Various Sources] http://www.nruns.com/_downloads/SA-2010%20003-Hewlett-Packard.pdf

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2987

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/63261

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/44882

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/15631

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1024741

[Third Party Advisory] http://securityreason.com/securityalert/8328

Scores

EPSS 0.2997

EPSS Percentile 96.7%

Details

CWE

CWE-22

Status published

Products (8)

hp/9000

hp/color_laserjet_mfp

hp/laserjet_4100

hp/laserjet_4200

hp/laserjet_4300

hp/laserjet_5100

hp/laserjet_8150

hp/laserjet_mfp

Published Nov 17, 2010

Tracked Since Feb 18, 2026