HP OfficeJet Pro Wi-Fi Direct Support Printer Configuration Unauthenticated Access
Critical Nessus Plugin ID 99591
SynopsisThe remote HP OfficeJet printer is using a default configuration that allows unauthenticated access to configuration files.
DescriptionThe remote HP OfficeJet Pro printer is using a default configuration that lacks access controls and authentication for the Wi-Fi Direct Support feature. An unauthenticated, remote attacker can exploit this to gain read and write access to the printer configuration in the embedded web server.
SolutionRestrict access to the administrative interface by setting a password.