Skip to main content

Laserjet Pro M304 M305 W1A47A Firmware

10 CVEs product

Monthly

CVE-2023-35178 HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow HP W1A75A Firmware W1A76A Firmware W1A77A Firmware +35
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-35177 HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption HP Buffer Overflow W1A75A Firmware W1A76A Firmware +36
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-35176 HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service HP W1A75A Firmware W1A76A Firmware +36
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-35175 CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF RCE HP W1A75A Firmware W1A76A Firmware +36
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-27973 CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE HP Buffer Overflow Laserjet Pro M304 M305 W1A46A Firmware +37
NVD VulDB
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-27972 CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE HP Buffer Overflow Laserjet Pro M304 M305 W1A46A Firmware Laserjet Pro M304 M305 W1A47A Firmware +36
NVD VulDB
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-27971 CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Buffer Overflow Laserjet Pro M304 M305 W1A46A Firmware Laserjet Pro M304 M305 W1A47A Firmware Laserjet Pro M304 M305 W1A48A Firmware +35
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-24293 CRITICAL Act Now

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP Denial Of Service Laserjet Pro M453 M454 W1Y40A Firmware +67
NVD VulDB
CVSS 3.1
9.8
EPSS
7.0%
CVE-2022-24292 CRITICAL Act Now

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP Denial Of Service Laserjet Pro M453 M454 W1Y40A Firmware +67
NVD VulDB
CVSS 3.1
9.8
EPSS
7.0%
CVE-2022-24291 HIGH This Week

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP Denial Of Service Laserjet Pro M453 M454 W1Y40A Firmware +67
NVD VulDB
CVSS 3.1
7.5
EPSS
4.4%
EPSS 0% CVSS 8.8
HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow HP W1A75A Firmware +37
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption HP Buffer Overflow +38
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service HP +38
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF RCE HP +38
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE HP +39
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE HP Buffer Overflow +38
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Buffer Overflow Laserjet Pro M304 M305 W1A46A Firmware +37
NVD VulDB
EPSS 7% CVSS 9.8
CRITICAL Act Now

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP +69
NVD VulDB
EPSS 7% CVSS 9.8
CRITICAL Act Now

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP +69
NVD VulDB
EPSS 4% CVSS 7.5
HIGH This Week

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE HP +69
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy