CVE-2019-6334
published 2019-10-16CVE-2019-6334: HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of…
PriorityP354critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.62%
88.1th percentile
HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of arbitrary code.
Affected
66 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | futuresmart_3 | < 2309021_581893 | 2309021_581893 |
| hp | futuresmart_3 | < 2309021_581898 | 2309021_581898 |
| hp | futuresmart_3 | < 2309021_581886 | 2309021_581886 |
| hp | futuresmart_3 | < 2309021_581895 | 2309021_581895 |
| hp | futuresmart_3 | < 2309021_581902 | 2309021_581902 |
| hp | futuresmart_3 | < 2309021_581899 | 2309021_581899 |
| hp | futuresmart_3 | < 2309021_581889 | 2309021_581889 |
| hp | futuresmart_3 | < 2309021_581900 | 2309021_581900 |
| hp | futuresmart_3 | < 2309021_581892 | 2309021_581892 |
| hp | futuresmart_3 | < 2309021_581909 | 2309021_581909 |
| hp | futuresmart_3 | < 2309021_581910 | 2309021_581910 |
| hp | futuresmart_3 | < 2309021_581897 | 2309021_581897 |
| hp | futuresmart_3 | < 2309021_581908 | 2309021_581908 |
| hp | futuresmart_3 | < 2309021_581906 | 2309021_581906 |
| hp | futuresmart_3 | < 2309021_581905 | 2309021_581905 |
| hp | futuresmart_3 | < 2309021_581882 | 2309021_581882 |
| hp | futuresmart_3 | < 2309021_581896 | 2309021_581896 |
| hp | futuresmart_3 | < 2309021_581901 | 2309021_581901 |
| hp | futuresmart_3 | < 2309021_581888 | 2309021_581888 |
| hp | futuresmart_3 | < 2309021_581887 | 2309021_581887 |
| hp | futuresmart_3 | < 2309021_581903 | 2309021_581903 |
| hp | futuresmart_3 | < 2309021_581883 | 2309021_581883 |
| hp | futuresmart_3 | < 2309021_581904 | 2309021_581904 |
| hp | futuresmart_3 | < 2309021_581884 | 2309021_581884 |
| hp | futuresmart_3 | < 2309021_581885 | 2309021_581885 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6334)
suricata·2019-03-18·CVSS 8.8
CVE-2017-6334 [HIGH] ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6334)
ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6334)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6334)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/dnslookup.cgi"; startswith; endswith; http.header; content:"DIAG_diag.htm|0d 0a|"; fast_pattern; http.request_body; content:"host_name="; startswith; content:"|3b|"; distance:0; reference:url,www.exploit-db.com/exploits/41394; reference:cve,2017-6334; classtype:attempted-user; sid:2027094; rev:4; metadata:attack_target IoT, created_at 2019_03_18, cve CVE_2017_6334, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_04_13;)
No public exploits indexed.
No writeups or analysis indexed.
2019-10-16
Published