CVE-2017-2741

CRITICAL

HP PageWide/OfficeJet Pro <1708D - RCE

Title source: llm

Description

A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremoteunix

https://www.exploit-db.com/exploits/45273

View Code ZIP pw:eip

exploitdb WORKING POC

by Jacob Baines · pythonremotehardware

https://www.exploit-db.com/exploits/42176

View Code ZIP pw:eip

nomisec WRITEUP

by dopheide-esnet · poc

https://github.com/dopheide-esnet/zeek-jetdirect

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Jacob Baines · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/hp_jetdirect_path_traversal.rb

View Code ZIP pw:eip

References (3)

[Vendor Advisory] https://support.hp.com/us-en/document/c05462914

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/42176/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/45273/

Scores

CVSS v3 9.8

EPSS 0.8764

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (38)

hp/d3q15a_firmware < 1708d

hp/d3q15b_firmware < 1708d

hp/d3q15d_firmware < 1708d

hp/d3q16a_firmware < 1708d

hp/d3q16b_firmware < 1708d

hp/d3q16c_firmware < 1708d

hp/d3q16d_firmware < 1708d

hp/d3q17a_firmware < 1708d

hp/d3q17c_firmware < 1708d

hp/d3q17d_firmware < 1708d

... and 28 more

Published Jan 23, 2018

Tracked Since Feb 18, 2026