Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026
CVE-2004-2439
CVE-2004-2439
Description
The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware.
Affected products
19cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:hp:color_laserjet:4650:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet:5500:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet:5550:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_2500:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_3000:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_3700:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4100_mfp:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4200:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_4300:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9000:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9000_mfp:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9040_mpf:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9050_mpf:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9055:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9065:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9500:*:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_9500_mpf:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdVendor Advisory
- securitytracker.com/idnvdVendor Advisory
- www.securityfocus.com/bid/11297nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17634nvd
News mentions
0No linked articles in our index yet.