Skip to main content

T1p99a Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-1997 MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP D9l18a Firmware D9l20a Firmware D9l21a Firmware +38
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1997
EPSS 0% CVSS 5.3
MEDIUM This Month

HP OfficeJet Pro printers (D9l18a, D9l20a, D9l21a, D9l63a firmware) are vulnerable to information disclosure through CORS misconfiguration when administrators enable the feature on the Embedded Web Server. An unauthenticated remote attacker can exploit this to access sensitive device resources from untrusted web origins. CORS remains disabled by default as a mitigation, but organizations that have explicitly enabled it should apply patches when available.

CSRF HP D9l18a Firmware +40
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy