Security News > 2021 > November > 8-year-old HP printer vulnerability affects 150 printer models

8-year-old HP printer vulnerability affects 150 printer models
2021-11-30 13:00

Researchers have discovered several vulnerabilities affecting at least 150 multi-function printers made by Hewlett Packard.

F-Secure's Bolshev and Hirvonen used an HP M725z multi-function printer unit as their testbed to discover the above flaws.

Cross-site printing: sending the exploit to the printer directly from the browser using an HTTP POST to JetDirect port 9100/TCP. This is probably the most attractive attack vector.

Disable printing from USB. Place the printer into a separate VLAN sitting behind a firewall.

A detailed guide on the best practices for securing your printer is available in HP's technical paper.

You can also watch a video demo of how this HP printer vulnerability can be exploited below.


News URL

https://www.bleepingcomputer.com/news/security/8-year-old-hp-printer-vulnerability-affects-150-printer-models/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
HP 6795 19 248 488 234 989