Unrated severityNVD Advisory· Published Dec 1, 2011· Updated Apr 29, 2026

CVE-2011-4161

Description

The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 color M551, 600, M4555 MFP, and P3015 enables the Remote Firmware Update (RFU) setting, which allows remote attackers to execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update.

Affected products

HP/Color Laserjet 3000
cpe:2.3:h:hp:color_laserjet_3000:*:*:*:*:*:*:*:*
HP/Color Laserjet 3800
cpe:2.3:h:hp:color_laserjet_3800:*:*:*:*:*:*:*:*
HP/Color Laserjet 4700
cpe:2.3:h:hp:color_laserjet_4700:*:*:*:*:*:*:*:*
HP/Color Laserjet 4730
cpe:2.3:h:hp:color_laserjet_4730:mfp:*:*:*:*:*:*:*
HP/Color Laserjet 4730 Mfp
cpe:2.3:h:hp:color_laserjet_4730_mfp:*:*:*:*:*:*:*:*
HP/Color Laserjet 5550
cpe:2.3:h:hp:color_laserjet_5550:*:*:*:*:*:*:*:*
HP/Color Laserjet 9500
cpe:2.3:h:hp:color_laserjet_9500:*:*:*:*:*:*:*:*
HP/Color Laserjet Cm3530
cpe:2.3:h:hp:color_laserjet_cm3530:*:*:*:*:*:*:*:*
HP/Color Laserjet Cm4540
cpe:2.3:h:hp:color_laserjet_cm4540:mfp:*:*:*:*:*:*:*
HP/Color Laserjet Cm4730
cpe:2.3:h:hp:color_laserjet_cm4730:mfp:*:*:*:*:*:*:*
HP/Color Laserjet Cm6030
cpe:2.3:h:hp:color_laserjet_cm6030:*:*:*:*:*:*:*:*
HP/Color Laserjet Cm6040
cpe:2.3:h:hp:color_laserjet_cm6040:*:*:*:*:*:*:*:*
HP/Color Laserjet Cp3505
cpe:2.3:h:hp:color_laserjet_cp3505:*:*:*:*:*:*:*:*
HP/Color Laserjet Cp3525
cpe:2.3:h:hp:color_laserjet_cp3525:*:*:*:*:*:*:*:*
HP/Color Laserjet Cp4005
cpe:2.3:h:hp:color_laserjet_cp4005:*:*:*:*:*:*:*:*
HP/Color Laserjet Cp5525
cpe:2.3:h:hp:color_laserjet_cp5525:*:*:*:*:*:*:*:*
HP/Color Laserjet Cp6015
cpe:2.3:h:hp:color_laserjet_cp6015:*:*:*:*:*:*:*:*
HP/Color Laserjet Enterprise Cp4520
cpe:2.3:h:hp:color_laserjet_enterprise_cp4520:*:*:*:*:*:*:*:*
HP/Color Laserjet Enterprise Cp4525
cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:*:*:*:*:*:*:*:*
HP/Color Mfp Cm8060
cpe:2.3:h:hp:color_mfp_cm8060:-:-:edgeline:*:*:*:*:*
HP/Digital Sender 9200c
cpe:2.3:h:hp:digital_sender_9200c:*:*:*:*:*:*:*:*
HP/Digital Sender 9250c
cpe:2.3:h:hp:digital_sender_9250c:*:*:*:*:*:*:*:*
HP/Laserjet 4240
cpe:2.3:h:hp:laserjet_4240:*:*:*:*:*:*:*:*
HP/Laserjet 4250
cpe:2.3:h:hp:laserjet_4250:*:*:*:*:*:*:*:*
HP/Laserjet 4345mfp
cpe:2.3:h:hp:laserjet_4345_mfp:*:*:*:*:*:*:*:*
HP/Laserjet 4350
cpe:2.3:h:hp:laserjet_4350:*:*:*:*:*:*:*:*
HP/Laserjet 5200
cpe:2.3:h:hp:laserjet_5200:*:*:*:*:*:*:*:*
HP/Laserjet 9040
cpe:2.3:h:hp:laserjet_9040:*:*:*:*:*:*:*:*
HP/Laserjet 9050
cpe:2.3:h:hp:laserjet_9050:*:*:*:*:*:*:*:*
HP/Laserjet Enterprise 500 Color
cpe:2.3:h:hp:laserjet_enterprise_500_color:m551:*:*:*:*:*:*:*
HP/Laserjet Enterprise 6003 versions
cpe:2.3:h:hp:laserjet_enterprise_600:m601:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:hp:laserjet_enterprise_600:m601:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_enterprise_600:m602:*:*:*:*:*:*:*
- cpe:2.3:h:hp:laserjet_enterprise_600:m603:*:*:*:*:*:*:*
HP/Laserjet Enterprise M4555
cpe:2.3:h:hp:laserjet_enterprise_m4555:mfp:*:*:*:*:*:*:*
HP/Laserjet Enterprise P3015
cpe:2.3:h:hp:laserjet_enterprise_p3015:*:*:*:*:*:*:*:*
HP/Laserjet M3035
cpe:2.3:h:hp:laserjet_m3035:*:*:*:*:*:*:*:*
HP/Laserjet M5035
cpe:2.3:h:hp:laserjet_m5035:*:*:*:*:*:*:*:*
HP/Laserjet M9040
cpe:2.3:h:hp:laserjet_m9040:*:*:*:*:*:*:*:*
HP/Laserjet M9050
cpe:2.3:h:hp:laserjet_m9050:*:*:*:*:*:*:*:*
HP/Laserjet P3005
cpe:2.3:h:hp:laserjet_p3005:*:*:*:*:*:*:*:*
HP/Laserjet P4014
cpe:2.3:h:hp:laserjet_p4014:*:*:*:*:*:*:*:*
HP/Laserjet P4015
cpe:2.3:h:hp:laserjet_p4015:*:*:*:*:*:*:*:*
HP/Laserjet P4515
cpe:2.3:h:hp:laserjet_p4515:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000