Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash.
AnalysisAI
CVE-2024-51982 is a denial-of-service vulnerability affecting network-connected printers and multifunction devices that expose the Printer Job Language (PJL) interface on TCP port 9100. An unauthenticated remote attacker can send a malformed PJL command with an invalid FORMLINES variable to crash the device repeatedly, causing service disruption without authentication or user interaction. The CVSS 7.5 score reflects the high availability impact, and while specific KEV/POC data was not provided in the source material, the straightforward nature of the exploit (malformed input causing crash) suggests practical exploitability.
Technical ContextAI
The vulnerability exists in the Printer Job Language (PJL) command interpreter—a standard protocol used by HP and compatible printers for job control and device configuration. PJL operates over raw TCP port 9100 (Line Printer Daemon protocol) and traditionally lacks authentication mechanisms. The root cause falls under CWE-1286 (Improper Validation of Syntactic Correctness of Input), specifically the failure to properly validate that the FORMLINES variable contains a numeric value before processing it. When the printer firmware attempts to parse a non-numeric string assigned to FORMLINES, it triggers an unhandled exception or buffer overflow condition, causing the device to crash and reboot. This is a classic case of insufficient input validation in embedded printer firmware where the PJL parser does not enforce type constraints on configuration variables.
RemediationAI
Recommended remediation steps: (1) IMMEDIATE MITIGATION: Restrict network access to TCP port 9100 using firewall rules; disable external routing to printer subnets; implement network segmentation (VLAN isolation) to prevent untrusted hosts from reaching printers; (2) PATCH DEPLOYMENT: Identify affected printer models and apply available firmware updates from the manufacturer—consult HP, Xerox, Canon, Ricoh, or Kyocera security advisories for specific patch versions and download links; (3) DEVICE HARDENING: Disable PJL if not required; if PJL is necessary, restrict it to trusted IP ranges using printer access control lists (ACLs); (4) MONITORING: Enable printer syslog/SNMP alerts to detect repeated crash/reboot sequences indicative of exploitation attempts; (5) ALTERNATIVE: Replace devices with firmware that cannot be exploited once patches are validated and tested in a lab environment. Vendors typically release firmware patches through security bulletins; check HP Security Advisory, Xerox Support, Canon ImageRunner documentation, and Ricoh Device Gateway for specific patch versions.
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software co
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown
Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoP
Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via u
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute ar
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2024-54702