Unrated severityNVD Advisory· Published Apr 6, 2006· Updated Apr 16, 2026

CVE-2006-1654

Description

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

Affected products

HP/Color Laserjet 2500 Toolbox
cpe:2.3:a:hp:color_laserjet_2500_toolbox:*:*:*:*:*:*:*:*
HP/Color Laserjet 4600 Toolbox
cpe:2.3:a:hp:color_laserjet_4600_toolbox:*:*:*:*:*:*:*:*
HP/Color Laserjet 2500
cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*
HP/Color Laserjet 2500l
cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*
HP/Color Laserjet 2500lse
cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*
HP/Color Laserjet 2500n
cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*
HP/Color Laserjet 2500tn
cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*
HP/Color Laserjet 4600
cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*
HP/Color Laserjet3 versions
cpe:2.3:h:hp:color_laserjet:4600dn:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:hp:color_laserjet:4600dn:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet:4600dtn:*:*:*:*:*:*:*
- cpe:2.3:h:hp:color_laserjet:4600hdn:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/fulldisclosure/2006-04/0085.htmlnvdExploitPatch
securitytracker.com/idnvdExploitPatch
www.securityfocus.com/bid/17367nvdExploit
secunia.com/advisories/19529nvd
www.osvdb.org/24396nvd
www.securityfocus.com/archive/1/429893/100/0/threadednvd
www.securityfocus.com/archive/1/429984/100/0/threadednvd
www.vupen.com/english/advisories/2006/1230nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25627nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000