Unauthorized HP office pro printer

ID: unauthorized-printer-hp

Severity: high

Author: pussycat0x,r3naissance

Tags: hp,iot,unauth,misconfig

Description

HP office pro printer web access is exposed.

YAML Source

id: unauthorized-printer-hp

info:
  name: Unauthorized HP office pro printer
  author: pussycat0x,r3naissance
  severity: high
  description: HP office pro printer web access is exposed.
  classification:
    cpe: cpe:2.3:h:hp:officejet_pro_8730_m9l80a:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: hp
    product: officejet_pro_8730_m9l80a
    shodan-query: http.title:"Hp Officejet pro"
  tags: hp,iot,unauth,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/hp/device/webAccess/index.htm?content=security"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - '<title>(HP Officejet Pro([ 0-9A-Za-z]+)|HP Designjet([ 0-9A-Za-z]+).*)<\/title>'

      - type: status
        status:
          - 200
# digest: 4b0a0048304602210081131c2309aa3f9fa658cae7ce5f6f4ac284a54443f740385ba63d024c8eb3be022100c1337d98fdd2b028c7f80d3e0445b5cbaa691f6a8f07c48006b8fd9187d69b1b:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/misconfiguration/hp/unauthorized-printer-hp.yaml"

View on Github