Remote Code Execution Vulnerability in HP Color MFP and LaserJet Products
CVE-2011-4161

Currently unrated

Key Information:

Vendor

HP
Status
Color Laserjet Enterprise Cp4520
Laserjet M5035
Laserjet Enterprise 600
Laserjet 4250
Vendor
CVE Published:
1 December 2011

What is CVE-2011-4161?

The default configuration of certain HP printers enables the Remote Firmware Update feature, which can be exploited by remote attackers. By establishing a session on TCP port 9100, attackers can upload malicious firmware updates, leading to arbitrary code execution on the affected device. This vulnerability highlights significant security risks associated with unsecured remote access configurations in multifunction printers and laser printers.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/717921
third-party-advisoryx_refsource_CERT-VN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document...
vendor-advisoryx_refsource_HP
http://isc.sans.org/diary/Hacking+HP+Printers+for+Fun+and...
x_refsource_MISC

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.