VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 5, 2009· Updated Apr 23, 2026

CVE-2008-4419

CVE-2008-4419

Description

Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI.

Affected products

13
  • HP/9200c Digital Sender
    cpe:2.3:h:hp:9200c_digital_sender:*:*:*:*:*:*:*:*
    Range: <=20081211_09.131.1
  • HP/Color Laserjet 4370mfp
    cpe:2.3:h:hp:color_laserjet_4370mfp:*:*:*:*:*:*:*:*
    Range: <=20081211_46.211.2
  • HP/Color Laserjet 9500mfp
    cpe:2.3:h:hp:color_laserjet_9500mfp:*:*:*:*:*:*:*:*
    Range: <=20070719_05.011.2
  • HP/Laserjet 2410
    cpe:2.3:h:hp:laserjet_2410:*:*:*:*:*:*:*:*
    Range: <=20070410_08.112.3
  • HP/Laserjet 2420
    cpe:2.3:h:hp:laserjet_2420:*:*:*:*:*:*:*:*
    Range: <=20070410_08.112.3
  • HP/Laserjet 2430
    cpe:2.3:h:hp:laserjet_2430:*:*:*:*:*:*:*:*
    Range: <=20070410_08.112.3
  • HP/Laserjet 4250
    cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*
    Range: <=20080319_08.015.0
  • HP/Laserjet 4345mfp
    cpe:2.3:h:hp:laserjet_4345mfp:*:*:*:*:*:*:*:*
    Range: <=20081211_09.131.1
  • HP/Laserjet 4350
    cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*
    Range: <=20080319_08.015.0
  • HP/Laserjet 9040
    cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*
    Range: <=20080204_08.110.0
  • HP/Laserjet 9040mfp
    cpe:2.3:h:hp:laserjet_9040mfp:*:*:*:*:*:*:*:*
    Range: <=20080204_08.110.0
  • HP/Laserjet 9050
    cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
    Range: <=20080204_08.110.0
  • HP/Laserjet 9050mfp
    cpe:2.3:h:hp:laserjet_9050mfp:*:*:*:*:*:*:*:*
    Range: <=20080204_08.110.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.