HP LaserJet M5025 MFP printer

CPE Details

HP LaserJet M5025 MFP printer
hp
laserjet_m5025_mfp
-
2007-11-06
15h20 +00:00
2009-10-13
12h37 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:h:hp:laserjet_m5025_mfp:-:*:*:*:*:*:*:*

Informations

Vendor

hp

Product

laserjet_m5025_mfp

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2009-2684 2009-10-13 08h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.
4.3
CVE-2009-0940 2009-03-18 19h35 +00:00 Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.
5.1
CVE-2009-0941 2009-03-18 19h35 +00:00 The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.
7.6