Security flaws in some models of HP LaserJet Pro printers can reveal users’ administrator passwords to remote attackers, a researcher has revealed.
“Some networked HP LaserJet printers have hidden URLs hardcoded in the firmware. The URLs are not authenticated and can be used to extract admin password in plaintext – among other information like WiFi settings (including WPS PIN),” according to Polish security researcher Michael Sadjak.
HP said in its support document, “A potential security vulnerability has been identified with certain HP LaserJet Pro printers. The vulnerability could be exploited remotely to gain unauthorized access to data.
The vulnerability is in two hidden URLs hardcoded into the firmware, which contain configuration information for the devices.
“The password seems to be encrypted on the screen above… but wait, the value contains hex representation of the admin password in plaintext (!). In other words, using this method, the admin password can be extracted regardless of its complexity,” Sadjak says.
Author Rob Waugh, We Live Security