Do you own an HP printer? If so, it may be vulnerable to hackers. Multiple HP LaserJet Pro printers are vulnerable according to a new advisory posted by the vendor, tracked as CVE-2013-4807 (SSRT101181).
Researcher Michał Sajdak of Securitum.pl has found a security hole in HP LaserJet printers that allows a remote hacker to extract the admin password in plain text, along with other information such as WiFi settings, including the WPS PIN.
The main issue is that some networked HP LaserJet printers have hidden URLs hardcoded in the firmware, which can be accessed without authentication. The vulnerability could be exploited remotely to gain unauthorized access to data.
For example: http://IP_ADDRESS/dev/save_restore.xml
At that URL the password seems to be encrypted, but the value is just a hex representation of the plain-text admin password, e.g. 0x746573746f7765 = testowe.
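The point that hex encoding is not encryption, shown as an added example (not code from the advisory or from HP): a Python check a defender can run over an exported device configuration to flag fields stored as reversible hex. The XML element names and every sample value other than the article's 0x746573746f7765 are constructed assumptions, not the real layout of save_restore.xml.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: element names are hypothetical, not the real layout of
# save_restore.xml. Only the first hex value comes from the article.
SAMPLE_EXPORT = """<config>
  <admin><password>0x746573746f7765</password></admin>
  <net><hostname>NPI4F2A10</hostname></net>
  <wifi><psk>0x9f8e1c00a4b7d2e3</psk></wifi>
  <misc><counter>0x1f</counter></misc>
</config>"""

# Optional 0x prefix followed by whole bytes (pairs of hex digits).
HEX_VALUE = re.compile(r"^(?:0x)?((?:[0-9a-fA-F]{2})+)$")


def decode_if_hex_ascii(value, min_len=4):
    """Return the decoded text if value is only hex-encoded printable ASCII, else None."""
    m = HEX_VALUE.match(value.strip())
    if not m:
        return None
    raw = bytes.fromhex(m.group(1))
    if len(raw) < min_len:
        return None  # too short to call a string; more likely a number
    if all(0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None  # non-printable bytes: may be a real hash or ciphertext


def audit_export(xml_text):
    """List (element path, decoded text) for each leaf whose value is reversible hex."""
    findings = []

    def walk(node, path):
        here = f"{path}/{node.tag}"
        children = list(node)
        if not children and node.text:
            decoded = decode_if_hex_ascii(node.text)
            if decoded is not None:
                findings.append((here, decoded))
        for child in children:
            walk(child, here)

    walk(ET.fromstring(xml_text), "")
    return findings


if __name__ == "__main__":
    for path, text in audit_export(SAMPLE_EXPORT):
        print(f"{path}: stored as reversible hex, decodes to {text!r}")
```

Any field this reports offers no protection once the export is readable, so the fix is firmware that stops exposing the file, not a stronger password.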
Also, if a printer is WiFi enabled, the WiFi information can be extracted using the URL below:
Affected models are HP LaserJet Pro P1102w, HP LaserJet Pro P1606dn, HP LaserJet Pro CP1025nw, HP LaserJet Pro M1212nf MFP, HP LaserJet Pro M1213nf MFP, HP LaserJet Pro M1214nfh MFP, HP LaserJet Pro M1216nfh MFP, HP LaserJet Pro M1217nfw MFP, HP LaserJet Pro M1218nfs MFP, and possibly others.
HP has provided an updated printer firmware version, 20130703, to resolve this issue.