CVE-2011-4161

Опубликовано: 01 дек. 2011

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:hp:color_laserjet_3000:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_3800:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_4730:mfp:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cm3530:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cm4540:mfp:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cm4730:mfp:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cm6030:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cm6040:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cp3505:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cp3525:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cp4005:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cp5525:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_enterprise_cp4520:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*

cpe:2.3:h:hp:digital_sender_9200c:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:digital_sender_9250c:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_500_color:m551:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_600:m601:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_600:m602:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_600:m603:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_m4555:mfp:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_enterprise_p3015:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_m3035:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_m5035:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_m9040:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_m9050:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*

cpe:2.3:h:hp:laserjet_p4515:*:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.15988

Средний

10 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-vv8q-r8fx-pgjx

github

больше 3 лет назад