5
CVSSv2

CVE-2006-1654

Published: 06/04/2006 Updated: 18/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows prior to 20060402 allows remote malicious users to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

Vulnerable Product Search on Vulmon Subscribe to Product

hp color laserjet 2500 toolbox

hp color laserjet 4600 toolbox

hp color laserjet 4600dn

hp color laserjet 4600dtn

hp color laserjet 4600hdn

hp color laserjet 2500

hp color laserjet 2500l

hp color laserjet 2500lse

hp color laserjet 2500n

hp color laserjet 2500tn

hp color laserjet 4600

Exploits

source: wwwsecurityfocuscom/bid/17367/info The HP Color LaserJet 2500/4600 Toolbox is prone to a directory-traversal vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context o ...