The Hacker News Logo
Subscribe to Newsletter

HP LaserJet Pro Printers remotely exploitable to gain unauthorized access to Wi-Fi and Printer Data

Do you own an HP printer? If so, it may be vulnerable to Hackers. Multiple HP LaserJet Pro Printers are printer vulnerable to hackers according to a new advisory posted by the vendor, dubbed as CVE-2013-4807 (SSRT101181).

Researcher 'Micha Sajdak' of Securitum.pl have found a security hole HP LaserJet printers that allows a remote hacker to extract the admin password in plain text, among other information like WiFi settings including the WPS PIN.
The main issue is with some of the networked HP LaserJet printers, having hidden URLs hardcoded in the firmware, which can be accessed without authentication. The vulnerability could be exploited remotely to gain unauthorized access to data.

For example : http://IP_ADDRESS/dev/save_restore.xml

Where the password seems to be encrypted, but the value contains a hex representation of the admin password in plain text, i.e. 0x746573746f7765 = testowe.

Also, If a printer is WiFi enabled, then the WiFi info can be extracted from using below url:
http://IP_ADDRESS:8080/IoMgmt/Adapters/wifi0/WPS/Pin
Affected models are HP LaserJet Pro P1102w, HP LaserJet Pro P1606dn, HP LaserJet Pro CP1025nw, HP LaserJet Pro M1212nf MFP, HP LaserJet Pro M1213nf MFP, HP LaserJet Pro M1214nfh MFP, HP LaserJet Pro M1216nfh MFP, HP LaserJet Pro M1217nfw MFP, HP LaserJet Pro M1218nfs MFP, and Possibly others too.

HP has provided an updated printer firmware version: 20130703 to resolve this issue.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.