First published: Fri Jun 30 2023(Updated: )
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Credit: hp-security-alert@hp.com
Affected Software | Affected Version | How to fix |
---|---|---|
HP LaserJet Pro MFP M478-M479 W1A75A | <002_2322c | |
HP LaserJet Pro MFP M478-M479 | ||
HP Color LaserJet Pro MFP M478 Firmware | <002_2322c | |
HP LaserJet Pro MFP M478-M479 W1A76A Firmware | ||
HP LaserJet Pro MFP M478-M479 W1A77A | <002_2322c | |
HP LaserJet Pro MFP M478-M479 | ||
HP Color LaserJet Pro MFP M478 | <002_2322c | |
HP LaserJet Pro MFP M478-M479 W1A78A Firmware | ||
HP LaserJet Pro MFP M478-M479 Firmware | <002_2322c | |
HP LaserJet Pro MFP M478-M479 | ||
HP LaserJet Pro MFP M478-M479 W1A80A | <002_2322c | |
HP LaserJet Pro MFP M478-M479 | ||
HP LaserJet Pro MFP M478-M479 Firmware | <002_2322c | |
HP LaserJet Pro MFP M478-M479 | ||
HP LaserJet Pro MFP M478-M479 | <002_2322c | |
HP LaserJet Pro MFP M478-M479 W1A82A Firmware | ||
HP LaserJet Pro M453-M454 | <002_2322c | |
HP LaserJet Pro M453-M454 | ||
HP LaserJet Pro M453-M454 | <002_2322c | |
HP LaserJet Pro M453-M454 | ||
HP LaserJet Pro M453-M454 Firmware | <002_2322c | |
HP LaserJet Pro M453-M454 | ||
HP LaserJet Pro M453/M454 Firmware | <002_2322c | |
HP LaserJet Pro M453/M454 Firmware | ||
HP LaserJet Pro M453-M454 Firmware | <002_2322c | |
HP LaserJet Pro M453 M454 | ||
HP LaserJet Pro M453-M454 Firmware | <002_2322c | |
HP LaserJet Pro M453-M454 Firmware | ||
HP LaserJet Pro M453/M454 Firmware | <002_2322c | |
HP LaserJet Pro M453/M454 Firmware | ||
HP LaserJet Pro M304-M305 Firmware | <002_2322c | |
HP LaserJet Pro M304-M305 | ||
HP LaserJet Pro M304 W1A48A Firmware | <002_2322c | |
HP LaserJet Pro M304-M305 W1A47A Firmware | ||
HP LaserJet Pro M304-M305 Firmware | <002_2322c | |
HP LaserJet Pro M304-M305 | ||
HP LaserJet Pro M304 W1A48A Firmware | <002_2322c | |
HP LaserJet Pro M304-M305 W1A66A Firmware | ||
HP LaserJet Pro M404/M405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404/m405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404/m405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro M404-M405 | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404-m405 | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404/m405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404/m405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro M404/M405 | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404-m405 | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro m404/m405 Firmware | <002_2322c | |
HP LaserJet Pro M404-M405 | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 | ||
HP LaserJet Pro MFP M428-M429 F W1A30A | <002_2322c | |
HP LaserJet Pro MFP M428 W1A30A Firmware | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 Firmware | ||
HP LaserJet Pro MFP M428-M429 Firmware W1A34A | <002_2322c | |
HP LaserJet Pro MFP M428-M429 | ||
HP LaserJet Pro MFP M428-M429 | <002_2322c | |
HP LaserJet Pro MFP M428-M429 | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 Firmware | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 Firmware | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 | ||
HP LaserJet Pro MFP M428-M429 Firmware | <002_2322c | |
HP LaserJet Pro MFP M428-M429 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-35175 has been classified as a potential vulnerability for remote code execution and elevation of privilege.
To fix CVE-2023-35175, HP recommends updating affected LaserJet Pro firmware to the latest version that addresses this vulnerability.
CVE-2023-35175 affects several HP LaserJet Pro print products, specifically those with certain firmware versions under the LaserJet Pro MFP, M453-M454, M304-M305, M404-M405, and M428-M429 series.
Yes, CVE-2023-35175 could potentially allow unauthorized users to execute remote commands or elevate privileges on the affected LaserJet Pro devices.
The vulnerability CVE-2023-35175 is associated with server-side request forgery (SSRF), which could be exploited through the Web Service Eventing model.