Hp: >> Jetadmin Security Vulnerabilities
The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.
CVSS Score
7.5
EPSS Score
0.006
Published
2001-08-31
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVSS Score
6.4
EPSS Score
0.005
Published
2001-08-31
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS Score
7.5
EPSS Score
0.044
Published
2000-05-24
HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000.
CVSS Score
5.0
EPSS Score
0.052
Published
2000-05-24
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
CVSS Score
7.2
EPSS Score
0.001
Published
1998-07-15