File Upload Vulnerability in HP Web JetAdmin 7.5.2546
CVE-2004-1856

Currently unrated

Key Information:

Vendor: HP
Status: Web Jetadmin
Vendor: CVE Published:; 24 March 2004

Summary

The HP Web JetAdmin version 7.5.2546 has a security flaw within the devices_update_printer_fw_upload.hts file. When no password is configured, this vulnerability enables remote attackers to upload arbitrary files to the printer directory. This can potentially lead to unauthorized access and manipulation of the system, compromising the integrity of the network.

References

http://www.securityfocus.com/advisories/6492

vendor-advisoryx_refsource_HP

http://sh0dan.org/files/hpjadmadv.txt

x_refsource_MISC

http://marc.info/?l=bugtraq&m=108016019623003&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Mar 24, 2004