CVE-2025-3508

MEDIUM

HP DesignJet - Info Disclosure

Title source: llm

Description

Certain HP DesignJet products may be vulnerable to information disclosure though printer's web interface allowing unauthenticated users to view sensitive print job information.

References (1)

[Various Sources] https://support.hp.com/us-en/document/ish_12798086-12798125-16/hpsbpi04039

Scores

CVSS v3 6.5

EPSS 0.0004

EPSS Percentile 12.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (50)

hp/w3z72e_firmware < jgr9_09_25_22.1

hp/w3z72f_firmware < jgr9_09_25_22.1

hp/w3z72g_firmware < jgr9_09_25_22.1

hp/w3z72h_firmware < jgr9_09_25_22.1

hp/w6b55a_firmware < jgrw_09_25_22.1

hp/w6b55b_firmware < jgrw_09_25_22.1

hp/w6b55c_firmware < jgrw_09_25_22.1

hp/w6b55d_firmware < jgrw_09_25_22.1

hp/w6b55e_firmware < jgrw_09_25_22.1

hp/w6b55f_firmware < jgrw_09_25_22.1

hp/w6b55g_firmware < jgrw_09_25_22.1

hp/w6b55h_firmware < jgrw_09_25_22.1

hp/w6b56a_firmware < jgrw_09_25_22.1

hp/w6b56b_firmware < jgrw_09_25_22.1

hp/w6b56c_firmware < jgrw_09_25_22.1

... and 35 more

Timeline

Published Jul 25, 2025

Tracked Since Feb 18, 2026