Summary
| Detail | |||
|---|---|---|---|
| Vendor | Hp | First view | 2018-01-23 |
| Product | G1W47V Firmware | Last view | 2018-10-03 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:hp:g1w47v_firmware:-:*:*:*:*:*:*:* | 3 |
| cpe:2.3:o:hp:g1w47v_firmware:*:*:*:*:*:*:*:* | 3 |
| cpe:2.3:o:hp:g1w47v_firmware:2308214_000910:*:*:*:*:*:*:* | 2 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2018-10-03 | CVE-2018-5921 | A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege. |
| 9.8 | 2018-01-23 | CVE-2017-2750 | Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions. |
| 6.1 | 2018-01-23 | CVE-2017-2743 | HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214_000901, 2308214_000900, and other firmware versions. The vulnerability could be exploited to perform a cross site scripting (XSS) attack. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 33% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 33% (1) | CWE-20 | Improper Input Validation |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-11-28 | Name: The remote printer is affected by a remote code execution vulnerability. File: hp_laserjet_hpsbpi03569.nasl - Type: ACT_GATHER_INFO |
| 2017-11-28 | Name: The remote printer is affected by a remote code execution vulnerability. File: hp_officejet_hpsbpi03569.nasl - Type: ACT_GATHER_INFO |
