Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 2013-07-26 20130703 allows remote attackers to modify data via unknown vectors.

Unspecified vulnerability on the HP LaserJet Pro P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh MFP, M1217nfw MFP, M1218nfs MFP, and CP1025nw with firmware before 20130703 allows remote attackers to modify data via unknown vectors.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

The remote HP LaserJet Pro printer is affected by an information disclosure vulnerability.  The file '/dev/save_restore.xml' contains a hexadecimal representation of the administrative password.  This information can be used by an attacker in further attacks.

The remote HP LaserJet Pro printer is affected by an information disclosure vulnerability.  The file '/IoMgmt/Adapters/wifi0/WPS/Pin' contains the 'Wi-Fi Protected Security' (WPS) PIN.  This information can be used by an attacker in further attacks.

The remote HP printer is potentially affected by the following unauthorized information disclosure vulnerabilities :

  - The URL '/dev/save_restore.xml' contains a hexadecimal     representation of the administrator password. This URL     also contains the wireless 'service set identifier'     (SSID), which could aid in further attacks.

  - The URL '/IoMgmt/Adapters/wifi0/WPS/Pin' contains the     'Wi-Fi Protected Setup' (WPS) PIN.

ID	Name	Product	Family	Severity
505350	HP LaserJet Printers Missing Authorization (CVE-2013-4807)	Tenable OT Security	Tenable.ot	high
69283	HP LaserJet Pro /dev/save_restore.xml Administrative Password Disclosure	Nessus	CGI abuses	high
69282	HP LaserJet Pro /IoMgmt/Adapters/wifi0/WPS/Pin WPS PIN Disclosure	Nessus	CGI abuses	high
69281	HP LaserJet Pro Printers Multiple Information Disclosures (July 2013)	Nessus	Misc.	high

Detections

Analytics

CVE-2013-4807

critical

Tenable Plugins

high

high

high

high