upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x up to and including 3.13.11 launches a program from an http URL, which allows man-in-the-middle malicious users to execute arbitrary code by gaining control over the client-server data stream.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp linux imaging and printing project 3.11.3a |
||
hp linux imaging and printing project 3.13.5 |
||
hp linux imaging and printing project 3.13.4 |
||
hp linux imaging and printing project 3.12.4 |
||
hp linux imaging and printing project 3.12.2 |
||
hp linux imaging and printing project 3.11.1 |
||
hp linux imaging and printing project 3.10.9 |
||
hp linux imaging and printing project 3.9.6 |
||
hp linux imaging and printing project 3.9.4 |
||
hp linux imaging and printing project 3.13.8 |
||
hp linux imaging and printing project 3.9.4b |
||
hp linux imaging and printing project 3.13.3 |
||
hp linux imaging and printing project 3.13.2 |
||
hp linux imaging and printing project 3.11.12 |
||
hp linux imaging and printing project 3.11.10 |
||
hp linux imaging and printing project 3.10.6 |
||
hp linux imaging and printing project 3.10.5 |
||
hp linux imaging and printing project 3.9.2 |
||
hp linux imaging and printing project 3.13.7 |
||
hp linux imaging and printing project 3.13.6 |
||
hp linux imaging and printing project 3.12.10 |
||
hp linux imaging and printing project 3.12.9 |
||
hp linux imaging and printing project 3.12.6 |
||
hp linux imaging and printing project 3.11.3 |
||
hp linux imaging and printing project 3.9.10 |
||
hp linux imaging and printing project 3.9.8 |
||
hp linux imaging and printing project 3.13.10 |
||
hp linux imaging and printing project 3.13.9 |
||
hp linux imaging and printing project 3.12.11 |
||
hp linux imaging and printing project 3.11.7 |
||
hp linux imaging and printing project 3.11.5 |
||
hp linux imaging and printing project 3.10.2 |
||
hp linux imaging and printing project 3.9.12 |