Skip to main content

HP EUVDEUVD-2024-54702

| CVE-2024-51982 HIGH
Improper Validation of Syntactic Correctness of Input (CWE-1286)
2025-06-25 cve@rapid7.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 15, 2026 - 23:19 euvd
EUVD-2024-54702
Analysis Generated
Mar 15, 2026 - 23:19 vuln.today
CVE Published
Jun 25, 2025 - 08:15 nvd
HIGH 7.5

DescriptionCVE.org

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash.

AnalysisAI

CVE-2024-51982 is a denial-of-service vulnerability affecting network-connected printers and multifunction devices that expose the Printer Job Language (PJL) interface on TCP port 9100. An unauthenticated remote attacker can send a malformed PJL command with an invalid FORMLINES variable to crash the device repeatedly, causing service disruption without authentication or user interaction. The CVSS 7.5 score reflects the high availability impact, and while specific KEV/POC data was not provided in the source material, the straightforward nature of the exploit (malformed input causing crash) suggests practical exploitability.

Technical ContextAI

The vulnerability exists in the Printer Job Language (PJL) command interpreter—a standard protocol used by HP and compatible printers for job control and device configuration. PJL operates over raw TCP port 9100 (Line Printer Daemon protocol) and traditionally lacks authentication mechanisms. The root cause falls under CWE-1286 (Improper Validation of Syntactic Correctness of Input), specifically the failure to properly validate that the FORMLINES variable contains a numeric value before processing it. When the printer firmware attempts to parse a non-numeric string assigned to FORMLINES, it triggers an unhandled exception or buffer overflow condition, causing the device to crash and reboot. This is a classic case of insufficient input validation in embedded printer firmware where the PJL parser does not enforce type constraints on configuration variables.

RemediationAI

Recommended remediation steps: (1) IMMEDIATE MITIGATION: Restrict network access to TCP port 9100 using firewall rules; disable external routing to printer subnets; implement network segmentation (VLAN isolation) to prevent untrusted hosts from reaching printers; (2) PATCH DEPLOYMENT: Identify affected printer models and apply available firmware updates from the manufacturer—consult HP, Xerox, Canon, Ricoh, or Kyocera security advisories for specific patch versions and download links; (3) DEVICE HARDENING: Disable PJL if not required; if PJL is necessary, restrict it to trusted IP ranges using printer access control lists (ACLs); (4) MONITORING: Enable printer syslog/SNMP alerts to detect repeated crash/reboot sequences indicative of exploitation attempts; (5) ALTERNATIVE: Replace devices with firmware that cannot be exploited once patches are validated and tested in a lab environment. Vendors typically release firmware patches through security bulletins; check HP Security Advisory, Xerox Support, Canon ImageRunner documentation, and Ricoh Device Gateway for specific patch versions.

More in HP

View all
CVE-2017-3881 CRITICAL POC
9.8 Mar 17

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software co

CVE-2013-4810 CRITICAL POC
9.8 Sep 16

HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle

CVE-2014-2623 CRITICAL POC
10.0 Jul 18

Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown

CVE-2013-6221 CRITICAL POC
10.0 Jun 18

Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoP

CVE-2013-2367 CRITICAL POC
10.0 Jul 31

Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execu

CVE-2013-4811 CRITICAL POC
10.0 Sep 16

UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4

CVE-2013-4798 CRITICAL POC
10.0 Jul 29

Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown ve

CVE-2012-2020 CRITICAL POC
10.0 Jul 11

Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via u

CVE-2013-2333 CRITICAL POC
10.0 Jun 06

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arb

CVE-2014-2624 CRITICAL POC
10.0 Sep 11

Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute ar

CVE-2013-6194 CRITICAL POC
10.0 Jan 04

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a

CVE-2013-2347 CRITICAL POC
10.0 Jan 04

The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary

Share

EUVD-2024-54702 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy