CVE-2017-2750 HP Printers Remote Code Execution Vulnerability

漏洞类别:Web server



A Remote Code Execution vulnerability has been identified in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, and HP OfficeJet Enterprise printers. The vulnerability exists due to Insufficient DLL Signature Validation.

This vulnerability affects approximately 50 enterprise printers. Please refer to the advisory in the solution section for more information about products affected.

QID Detection Logic (unauthenticated):
This QID detects the vulnerable version of HP Printer via “hp/device/InternalPages/Index?id=ConfigurationPage” web page.


An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code on the printer.


Customers are advised to refer to HP Security Bulletin-c05839270 for information pertaining to remediating this vulnerability.

Following are links for downloading patches to fix the vulnerabilities:


Leave a Reply