Cross-site Request Forgery Vulnerability in HP LaserJet Pro Printers
CVE-2019-6325
8.8HIGH
Key Information:
- Vendor
HP
- Vendor
- CVE Published:
- 17 June 2019
What is CVE-2019-6325?
HP Color LaserJet Pro M280-M281 and LaserJet Pro MFP M28-M31 printer series are susceptible to cross-site request forgery due to vulnerabilities in their embedded web server. These issues could allow attackers to execute unauthorized commands on the printers, potentially compromising sensitive data and network security. Users must ensure their devices are updated to the latest firmware versions to mitigate this risk.
Affected Version(s)
HP Color LaserJet Pro M280-M281 Multifunction Printer series; HP LaserJet Pro MFP M28-M31 Printer series before 20190419
HP Color LaserJet Pro M280-M281 Multifunction Printer series; HP LaserJet Pro MFP M28-M31 Printer series before 20190426