Hp: >> W1a76a Firmware >> 002_2310a Security Vulnerabilities
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed.
CVSS Score
6.8
EPSS Score
0.004
Published
2024-05-23
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
CVSS Score
9.8
EPSS Score
0.018
Published
2023-06-30
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device.
CVSS Score
8.8
EPSS Score
0.005
Published
2023-06-30
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-06-30
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-06-30