What is the severity of CVE-2023-35175?

CVE-2023-35175 has been classified as a potential vulnerability for remote code execution and elevation of privilege.

How do I fix CVE-2023-35175?

To fix CVE-2023-35175, HP recommends updating affected LaserJet Pro firmware to the latest version that addresses this vulnerability.

Which products are affected by CVE-2023-35175?

CVE-2023-35175 affects several HP LaserJet Pro print products, specifically those with certain firmware versions under the LaserJet Pro MFP, M453-M454, M304-M305, M404-M405, and M428-M429 series.

Can CVE-2023-35175 lead to unauthorized access?

Yes, CVE-2023-35175 could potentially allow unauthorized users to execute remote commands or elevate privileges on the affected LaserJet Pro devices.

Is there a known exploitation method for CVE-2023-35175?

The vulnerability CVE-2023-35175 is associated with server-side request forgery (SSRF), which could be exploited through the Web Service Eventing model.

Vulnerability/
CVE-2023-35175

critical

9.8

CWE

918

30/6/2023

4/12/2024

CVE-2023-35175: SSRF

First published: Fri Jun 30 2023(Updated: )

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.

Credit: hp-security-alert@hp.com

Affected Software	Affected Version	How to fix
HP LaserJet Pro MFP M478-M479 W1A75A	<002_2322c
HP LaserJet Pro MFP M478-M479
HP Color LaserJet Pro MFP M478 Firmware	<002_2322c
HP LaserJet Pro MFP M478-M479 W1A76A Firmware
HP LaserJet Pro MFP M478-M479 W1A77A	<002_2322c
HP LaserJet Pro MFP M478-M479
HP Color LaserJet Pro MFP M478	<002_2322c
HP LaserJet Pro MFP M478-M479 W1A78A Firmware
HP LaserJet Pro MFP M478-M479 Firmware	<002_2322c
HP LaserJet Pro MFP M478-M479
HP LaserJet Pro MFP M478-M479 W1A80A	<002_2322c
HP LaserJet Pro MFP M478-M479
HP LaserJet Pro MFP M478-M479 Firmware	<002_2322c
HP LaserJet Pro MFP M478-M479
HP LaserJet Pro MFP M478-M479	<002_2322c
HP LaserJet Pro MFP M478-M479 W1A82A Firmware
HP LaserJet Pro M453-M454	<002_2322c
HP LaserJet Pro M453-M454
HP LaserJet Pro M453-M454	<002_2322c
HP LaserJet Pro M453-M454
HP LaserJet Pro M453-M454 Firmware	<002_2322c
HP LaserJet Pro M453-M454
HP LaserJet Pro M453/M454 Firmware	<002_2322c
HP LaserJet Pro M453/M454 Firmware
HP LaserJet Pro M453-M454 Firmware	<002_2322c
HP LaserJet Pro M453 M454
HP LaserJet Pro M453-M454 Firmware	<002_2322c
HP LaserJet Pro M453-M454 Firmware
HP LaserJet Pro M453/M454 Firmware	<002_2322c
HP LaserJet Pro M453/M454 Firmware
HP LaserJet Pro M304-M305 Firmware	<002_2322c
HP LaserJet Pro M304-M305
HP LaserJet Pro M304 W1A48A Firmware	<002_2322c
HP LaserJet Pro M304-M305 W1A47A Firmware
HP LaserJet Pro M304-M305 Firmware	<002_2322c
HP LaserJet Pro M304-M305
HP LaserJet Pro M304 W1A48A Firmware	<002_2322c
HP LaserJet Pro M304-M305 W1A66A Firmware
HP LaserJet Pro M404/M405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404/m405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404/m405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro M404-M405	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404-m405	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404/m405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404/m405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro M404/M405	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404-m405	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro m404/m405 Firmware	<002_2322c
HP LaserJet Pro M404-M405
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429
HP LaserJet Pro MFP M428-M429 F W1A30A	<002_2322c
HP LaserJet Pro MFP M428 W1A30A Firmware
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429 Firmware
HP LaserJet Pro MFP M428-M429 Firmware W1A34A	<002_2322c
HP LaserJet Pro MFP M428-M429
HP LaserJet Pro MFP M428-M429	<002_2322c
HP LaserJet Pro MFP M428-M429
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429 Firmware
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429 Firmware
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429
HP LaserJet Pro MFP M428-M429 Firmware	<002_2322c
HP LaserJet Pro MFP M428-M429 Firmware

Never miss a vulnerability like this again

Reference Links

https://support.hp.com/us-en/document/ish_8651322-8651446-16/hpsbpi03851

Frequently Asked Questions

What is the severity of CVE-2023-35175?
CVE-2023-35175 has been classified as a potential vulnerability for remote code execution and elevation of privilege.
How do I fix CVE-2023-35175?
To fix CVE-2023-35175, HP recommends updating affected LaserJet Pro firmware to the latest version that addresses this vulnerability.
Which products are affected by CVE-2023-35175?
CVE-2023-35175 affects several HP LaserJet Pro print products, specifically those with certain firmware versions under the LaserJet Pro MFP, M453-M454, M304-M305, M404-M405, and M428-M429 series.
Can CVE-2023-35175 lead to unauthorized access?
Yes, CVE-2023-35175 could potentially allow unauthorized users to execute remote commands or elevate privileges on the affected LaserJet Pro devices.
Is there a known exploitation method for CVE-2023-35175?
The vulnerability CVE-2023-35175 is associated with server-side request forgery (SSRF), which could be exploited through the Web Service Eventing model.

agent/type
agent/references
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/hp
canonical/hp laserjet pro mfp m478-m479 w1a75a
canonical/hp laserjet pro mfp m478-m479
canonical/hp color laserjet pro mfp m478 firmware
canonical/hp laserjet pro mfp m478-m479 w1a76a firmware
canonical/hp laserjet pro mfp m478-m479 w1a77a
canonical/hp color laserjet pro mfp m478
canonical/hp laserjet pro mfp m478-m479 w1a78a firmware
canonical/hp laserjet pro mfp m478-m479 firmware
canonical/hp laserjet pro mfp m478-m479 w1a80a
canonical/hp laserjet pro mfp m478-m479 w1a82a firmware
canonical/hp laserjet pro m453-m454
canonical/hp laserjet pro m453-m454 firmware
canonical/hp laserjet pro m453/m454 firmware
canonical/hp laserjet pro m453 m454
canonical/hp laserjet pro m304-m305 firmware
canonical/hp laserjet pro m304-m305
canonical/hp laserjet pro m304 w1a48a firmware
canonical/hp laserjet pro m304-m305 w1a47a firmware
canonical/hp laserjet pro m304-m305 w1a66a firmware
canonical/hp laserjet pro m404/m405 firmware
canonical/hp laserjet pro m404-m405
canonical/hp laserjet pro m404/m405
canonical/hp laserjet pro mfp m428-m429 firmware
canonical/hp laserjet pro mfp m428-m429
canonical/hp laserjet pro mfp m428-m429 f w1a30a
canonical/hp laserjet pro mfp m428 w1a30a firmware
canonical/hp laserjet pro mfp m428-m429 firmware w1a34a