CVE-2004-1856

Currently unrated

Key Information:

Vendor: HP
Status: Web Jetadmin
Vendor: CVE Published:; 24 March 2004

Summary

devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.

References

http://www.securityfocus.com/advisories/6492

vendor-advisoryx_refsource_HP

http://sh0dan.org/files/hpjadmadv.txt

x_refsource_MISC

http://marc.info/?l=bugtraq&m=108016019623003&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Mar 24, 2004