HP : Security Vulnerabilities, CVEs, Published In 2013 (Directory traversal) CVSS score >= 3
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
Max CVSS
7.8
EPSS Score
0.53%
Published
2013-06-14
Updated
2013-06-14
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
Max CVSS
5.0
EPSS Score
0.23%
Published
2013-04-29
Updated
2013-12-31
2 vulnerabilities found