high
8.8
CWE
352
Advisory Published
Updated

CVE-2018-5921: CSRF

First published: Wed Oct 03 2018(Updated: )

A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. This vulnerability is known as Cross Site Request Forgery, and could potentially be exploited remotely to allow elevation of privilege.

Credit: hp-security-alert@hp.com

Affected SoftwareAffected VersionHow to fix
HP F2A70A<2405129_000052
HP F2A70A Firmware
HP 2A71A Firmware<2405129_000052
HP F2A71A Firmware
HP F2A67A Firmware<2405129_000052
HP F2A67A Firmware
HP B5L26A<2405129_000056
HP B5L26A Firmware
HP Color LaserJet Enterprise M553 B5L39A Firmware<2405129_000056
HP Color LaserJet Enterprise M553
HP Officejet Enterprise Color X555 C2s11a<2405129_000055
Hp C2s11a Firmware
HP C2s11v Firmware<2405129_000055
HP C2s11v Firmware
HP Officejet Enterprise X555 C2s12a<2405129_000055
Hp C2s12a Firmware
HP C2S12V<2405129_000055
HP C2S12V Firmware
HP L1H45A<2405129_000055
HP L1H45A
HP PageWide Enterprise Color 556 G1w46a<2405129_000051
HP G1W46V Firmware
HP G1W46V Firmware<2405129_000051
HP G1W46V Firmware
HP G1W47A Firmware<2405129_000051
HP G1W47A
Hp G1w47v Firmware<2405129_000051
Hp G1w47v Firmware
HP L3U44A Firmware<2405129_000051
HP L3U44A Firmware
HP L3U44A Firmware<2405135_000394
HP E6B71A Firmware<2405129_000046
HP E6B71A Firmware
HP E6B73A Firmware<2405129_000046
HP E6B73A Firmware
HP K0Q14A<2405130_000069
HP K0Q14A
HP K0Q15A Firmware<2405130_000069
HP K0Q15A Firmware
HP K0Q17A<2405130_000069
HP K0Q17A
HP K0Q18A<2405130_000069
HP K0Q18A Firmware
HP M0P32A Firmware<2405130_000069
HP M0P32A Firmware
HP K0Q19A<2405130_000069
HP K0Q19A Firmware
HP K0Q20A<2405130_000069
HP K0Q20A
HP K0Q21A Firmware<2405130_000069
HP K0Q21A Firmware
HP K0Q22A<2405130_000069
HP K0Q22A
HP M0p33a<2405130_000069
HP M0p33a
Hp M0p35a Firmware<2405130_000069
Hp M0p35a Firmware
HP M0P36A<2405130_000069
HP M0p36a Firmware
HP M0p39a<2405130_000069
HP M0P39A Firmware
HP M0P40A<2405130_000069
HP M0P40A
HP Color LaserJet Managed M651 H0dc9a Firmware<2405129_000047
HP Color LaserJet Managed M651
Hp L8z07a Firmware<2405129_000047
Hp L8z07a Firmware
HP J7Z98A<2405130_000068
HP J7Z98A Firmware
Hp J7z99a Firmware<2405130_000068
Hp J7z99a Firmware
HP J8A04A<2405130_000068
HP J8A04A Firmware
HP J8A05A Firmware<2405130_000068
HP J8A05A Firmware
Hp J8a06a Firmware<2405130_000068
HP J8A06A
Hp L3u55a Firmware<2405130_000068
HP L3U55A
Hp L3u56a Firmware<2405130_000068
Hp L3u56a Firmware
Hp L3u57a Firmware<2405130_000068
HP LaserJet Managed E65050 L3U57A
HP J7Z04A<2405087_018564
HP J7Z04A Firmware
HP J7Z06A Firmware<2405087_018564
HP J7Z06A Firmware
HP CZ244A<2405129_000059
HP CZ244A Firmware
HP A2W77A<2405129_000057
HP A2W77A Firmware
HP CZ245A Firmware<2405129_000059
HP CZ245A Firmware
HP A2W78A<2405129_000057
HP A2W78A
Hp A2w79a Firmware<2405129_000057
HP A2W79A
HP D7P73A<2405129_000057
HP D7P73A Firmware
HP CF116A Firmware<2405129_000048
HP CF116A Firmware
HP CF117A Firmware<2405129_000048
HP CF117A Firmware
HP CF118A Firmware<2405129_000048
HP CF118A Firmware
Hp L3u59a Firmware<2405129_000048
HP LaserJet Managed 500 MFP M525
Hp L3u60a Firmware<2405129_000048
Hp L3u60a Firmware
HP F2A76A Firmware<2405129_000039
HP F2A76A Firmware
HP F2A77A<2405129_000039
HP F2A77A Firmware
HP F2A81A<2405129_000039
HP F2A81A
HP F2A78V<2405129_000039
Hp F2a78v Firmware
Hp F2a79a<2405129_000039
Hp F2a79a Firmware
HP F2A80A Firmware<2405129_000039
HP F2A80A Firmware
HP CD644A Firmware<2405135_000409
HP CD644A Firmware
Hp Cd645a Firmware<2405135_000409
HP CD645A
HP CD646A<2405129_000045
HP CD646A Firmware
Hp L3u46a Firmware<2405129_000045
HP L3U46A
Hp L3u45a Firmware<2405129_000045
HP LaserJet Managed 500 MFP M575
HP B5L46A Firmware<2405129_000038
HP B5L46A Firmware
HP B5L47A Firmware<2405129_000038
HP Color LaserJet Enterprise Flow MFP M577 B5L47A
HP B5L48A Firmware<2405129_000038
HP B5L48A Firmware
HP B5L54A Firmware<2405129_000038
HP Color LaserJet Enterprise MFP M577
Hp B5l49a Firmware<2405129_000038
HP B5L49A
Hp B5l50a Firmware<2405129_000038
HP Color Laserjet Managed MFP M577 B5L50A Firmware
HP B5L04A Firmware<2405129_000050
HP B5L04A Firmware
HP B5L05V<2405129_000050
HP Officejet Managed MFP X585 B5L05A
HP B5L06A<2405129_000050
HP B5L06A Firmware
HP B5L07A Firmware<2405129_000050
HP B5L07A Firmware
HP L3U40A Firmware<2405129_000050
HP L3U40A Firmware
Hp L3u41a Firmware<2405129_000050
HP Officejet Enterprise Flow MFP X585 L3U41A
HP G1w39v<2405129_000066
HP Pagewide Enterprise Color Flow MFP 586z G1w39a
HP G1W39V<2405129_000066
HP G1W39V
HP G1W40A<2405129_000066
HP G1W40A
HP G1W40V Firmware<2405129_000066
HP G1W40V Firmware
HP G1W41A<2405129_000066
HP G1W41A Firmware
HP G1W41V Firmware<2405129_000066
HP G1W41V Firmware
HP L3U42A Firmware<2405129_000066
HP L3U42A Firmware
HP L3U43A Firmware<2405129_000066
HP LaserJet Managed E75245
HP B3G85A<2405129_000040
HP B3G85A Firmware
HP J7x28a Firmware<2405129_000040
HP J7X28A
HP B3G84A Firmware<2405129_000040
HP B3G84A Firmware
HP P7Z47A<2405129_000040
HP P7z47a Firmware
HP B3G86A<2405129_000040
HP B3G86A Firmware
Hp L3u61a Firmware<2405129_000040
Hp L3u61a Firmware
HP L3U62A Firmware<2405129_000040
HP L3U62A Firmware
HP P7z48a<2405129_000040
HP P7Z48A Firmware
HP J8J64A Firmware<2405129_000041
HP J8J64A Firmware
HP J8J63A Firmware<2405129_000041
HP J8J63A Firmware
HP J8J65A Firmware<2405129_000041
HP J8J65A Firmware
HP J8J70A Firmware<2405129_000041
HP J8J70A Firmware
HP J8J71A Firmware<2405129_000041
HP J8J71A Firmware
Hp J8j72a Firmware<2405129_000041
HP J8J72A
HP J8J76A Firmware<2405129_000041
HP J8J76A Firmware
HP J8J78A Firmware<2405129_000041
HP J8J78A Firmware
HP J8J66A Firmware<2405129_000041
HP J8J66A Firmware
HP J8J67A<2405129_000041
HP J8J67A Firmware
HP J8J73A Firmware<2405129_000041
HP J8J73A Firmware
HP J8J74A<2405129_000041
HP LaserJet M501dn
HP J8J79A Firmware<2405129_000041
HP J8J79A Firmware
HP J8J80A Firmware<2405129_000041
HP J8J80A Firmware
HP CZ248A Firmware<2405129_000042
HP CZ248A Firmware
HP CZ249A Firmware<2405129_000042
HP CZ249A Firmware
HP CZ250A<2405129_000042
HP CZ250A Firmware
HP Ca251a Firmware<2405129_000042
HP Ca251a Firmware
HP L3U47A Firmware<2405129_000042
HP L3U47A Firmware
Hp L3u48a Firmware<2405129_000042
Hp L3u48a Firmware
Hp J8a10a Firmware<2405129_000037
Hp J8a10a Firmware
Hp J8a11a Firmware<2405129_000037
Hp J8a11a Firmware
Hp J8a12a Firmware<2405129_000037
HP J8A12A
HP J8A13A Firmware<2405129_000037
HP J8A13A Firmware
Hp J8a17a Firmware<2405129_000037
Hp J8a17a Firmware
Hp J8a16a Firmware<2405129_000037
HP J8A16A
Hp L3u67a Firmware<2405129_000037
Hp L3u67a Firmware
HP L3U70A Firmware<2405129_000037
HP L3U70A Firmware
HP L3U66A Firmware<2405129_000037
Hp L3U66A Firmware
HP L3U69A Firmware<2405129_000037
HP L3U69A Firmware
HP CF066A Firmware<2405129_000058
HP Cf066A
HP Cf067a<2405129_000058
HP CF067A Firmware
HP CF068A Firmware<2405129_000058
HP CF068A Firmware
Hp Cf069a Firmware<2405129_000058
HP Cf069A
Hp L3u63a Firmware<2405129_000058
Hp L3u63a Firmware
Hp L3u64a Firmware<2405129_000058
HP LaserJet Managed E75245 T3U64A
Hp Cc522a Firmware<2405135_000405
HP CC522A
HP CC523A Firmware<2405135_000405
HP CC523A Firmware
HP CC524A<2405135_000405
HP CC524A Firmware
HP L3U49A Firmware<2405135_000405
HP LaserJet Managed MFP M775 L3U49A
Hp L3u50a Firmware<2405135_000405
Hp L3u50a Firmware
HP CF367A Firmware<2405129_000060
HP CF367A Firmware
HP D7P68A<2405129_000060
HP D7P68A
HP L3U65A<2405129_000060
HP L3U65A Firmware
HP A2W76A<2405129_000054
HP A2W76A Firmware
HP A2W75A<2405129_000054
HP A2W75A Firmware
Hp D7p70a Firmware<2405129_000054
HP D7P70A
HP D7p71a<2405129_000054
HP D7p71a
HP D7P68A<2405129_000054
Hp L3u51a Firmware<2405129_000054
Hp L3u51a Firmware
HP L3U52A Firmware<2405129_000054
HP L3U52A Firmware
HP L3U65A<2405129_000054
HP X3A69A Firmware<2405347_024815
HP X3A69A Firmware
HP X3A68A Firmware<2405347_024815
HP X3A68A Firmware
HP Z8z19a Firmware<2405347_024815
HP Z8 Workstation
HP Z8z18a Firmware<2405347_024815
HP Z8 G4 Workstation
Hp X3a72a<2405347_024815
Hp X3a72a Firmware
Hp X3a71a Firmware<2405347_024815
Hp X3a71a Firmware
HP Z8 Z21A<2405347_024815
HP Z8 Z21A
Hp Z8z20a Firmware<2405347_024815
HP Z8 G4 Workstation
Hp X3a79a Firmware<2405347_024815
HP LaserJet Managed Flow MFP E82540 X3A79A
Hp Z8z23a Firmware<2405347_024815
Hp Z8z23a Firmware
Hp Z8z22a Firmware<2405347_024815
Hp Z8z22a Firmware
HP X3A75A Firmware<2405347_024815
HP X3A75A Firmware
HP X3A74A Firmware<2405347_024815
HP Laserjet Managed Flow Mfp E82540
HP X3A59A<2405347_024821
HP X3A59A Firmware
Hp X3a60a Firmware<2405347_024821
Hp X3a60a Firmware
HP Z8 Z06A Firmware<2405347_024821
HP Z8 Workstation
HP Z8Z07A Firmware<2405347_024821
HP Z8Z07A Firmware
HP X3A62A<2405347_024821
Hp X3a62a Firmware
HP X3A63A<2405347_024821
HP X3A63A Firmware
Hp Z8z09a Firmware<2405347_024821
Hp Z8z09a Firmware
HP Z8z08a Firmware<2405347_024821
HP Z8z08a Firmware
Hp X3a65a Firmware<2405347_024821
Hp X3a65a Firmware
Hp X3a66a Firmware<2405347_024821
HP Laserjet Managed Flow Mfp E72525 X3A66A
HP Z8z11a Firmware<2405347_024821
HP Z8 G4 Workstation
HP Z8 G4 Workstation Firmware<2405347_024821
HP Z8 Workstation
Hp X3a87a Firmware<2405347_024814
Hp X3a87a Firmware
HP X3A86A Firmware<2405347_024814
HP X3A86A Firmware
HP Z8z12a Firmware<2405347_024814
HP Z8 G4 Workstation
HP Z8z13a Firmware<2405347_024814
HP Z8z13a Firmware
HP X3A90A Firmware<2405347_024814
HP X3A90A Firmware
Hp X3a89a Firmware<2405347_024814
Hp X3a89a Firmware
HP Z8z14a Firmware<2405347_024814
HP Z8 Workstation
Hp Z8z15a Firmware<2405347_024814
HP Z8 G4 Workstation
HP X3A92A Firmware<2405347_024814
HP Color LaserJet Managed MFP E87640
Hp X3a93a Firmware<2405347_024814
Hp X3a93a Firmware
HP Z8z16a Firmware<2405347_024814
HP Z8 Workstation
Hp Z8z17a Firmware<2405347_024814
HP Z8 G4 Workstation
Hp X3a78a Firmware<2405347_024820
HP X3A78A
Hp X3a77a Firmware<2405347_024820
HP Laserjet Managed Flow Mfp E77822 X3a77a
HP Z8z00a Firmware<2405347_024820
HP Z8 Workstation
HP Z8z01a Firmware<2405347_024820
HP Z8 Workstation
Hp X3a81a Firmware<2405347_024820
Hp X3a81a Firmware
Hp X3a80a Firmware<2405347_024820
Hp X3a80a Firmware
HP Z8z02a Firmware<2405347_024820
HP Z8 G4 Workstation
Hp Z8z03a Firmware<2405347_024820
Hp Z8z03a Firmware
HP X3A84A<2405347_024820
HP X3A84A Firmware
HP X3A83A Firmware<2405347_024820
HP LaserJet Managed Flow MFP E77825 X3A83A
Hp Z8z05a Firmware<2405347_024820
HP Z8 Workstation
Hp Z8z04a Firmware<2405347_024820
HP Z8 G4 Workstation
HP Digital Sender Flow 8500 Fn2 L2762A Firmware<2405087_018553
HP L2762A
Hp L2683a<2405087_018552
HP L2683A Firmware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2018-5921?

    CVE-2018-5921 is classified as a medium severity vulnerability due to its potential for exploitation via Cross Site Request Forgery, which could allow for elevation of privilege.

  • How do I fix CVE-2018-5921?

    To remediate CVE-2018-5921, HP recommends updating the firmware of affected printers and MFPs to a version later than 2405129_000052.

  • Which HP printer models are affected by CVE-2018-5921?

    CVE-2018-5921 affects various HP printer models such as F2A70A, F2A71A, and B5L26A, specifically on firmware version 2405129_000052 and earlier.

  • Can CVE-2018-5921 be exploited remotely?

    Yes, CVE-2018-5921 can potentially be exploited remotely through Cross Site Request Forgery.

  • How was CVE-2018-5921 discovered?

    CVE-2018-5921 was identified during routine security assessments of HP printer products.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203