Skip to main content

HP IP Phone EUVDEUVD-2026-42445

| CVE-2026-5922 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-07-08 hp-security-alert@hp.com GHSA-gf54-33r5-j829
5.9
CVSS 4.0 · Vendor: hp
Share

Severity by source

Vendor (hp) PRIMARY
5.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.4 MEDIUM

Stored XSS requires low-privilege config write (PR:L) and admin page view (UI:R); scope changes to browser (S:C) with limited C and I impact, no availability effect.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (hp).

CVSS VectorVendor: hp

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

2
Patch available
Jul 08, 2026 - 23:04 EUVD
Analysis Generated
Jul 08, 2026 - 22:41 vuln.today

DescriptionCVE.org

The IP phone might use malicious input stored in configuration parameters and render it as content for the WebUI’s webpage.

AnalysisAI

Stored cross-site scripting in HP IP phone WebUI allows a low-privileged authenticated attacker to inject malicious script content into configuration parameters, which the phone's web management interface later renders unsanitized to visiting users. When an administrator browses the affected WebUI page, the injected payload executes in their browser session, producing a High integrity impact within the WebUI context. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to phone WebUI with low-privilege account
Delivery
Inject XSS payload into configuration parameter field
Exploit
Payload persists in device configuration storage
Execution
Administrator browses affected WebUI page
Persist
Stored script executes in administrator browser
Impact
Unauthorized actions performed within WebUI session context

Vulnerability AssessmentAI

Exploitation The attacker must have network-level access to the HP IP phone's WebUI and possess at minimum low-privileged credentials sufficient to write values to configuration parameters (confirmed by PR:L in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.9 (Medium) is consistent with the actual risk profile: network-reachable (AV:N), low complexity (AC:L), but gated by low-privilege authentication (PR:L), a passive second-user trigger (UI:P), and specific attack prerequisites (AT:P). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with low-privileged credentials on the HP IP phone's WebUI - such as a shared reception account - navigates to the configuration parameter interface and injects a JavaScript payload into a text field that is stored in the device configuration. When a network administrator later opens the WebUI to modify phone settings, the stored payload silently executes in the administrator's browser, potentially redirecting them, submitting unauthorized configuration changes, or harvesting session tokens. …
Remediation Consult HP security advisory HPSBPY04108 at https://support.hp.com/us-en/document/ish_15255534-15255565-16/hpsbpy04108 for the vendor-released patched firmware version - the exact fix version is not independently confirmed from the available intelligence data beyond the advisory URL and must be verified there before deployment. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-42445 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy