HP Printers Suffer From 1980s-Style Coding Error

June 25, 2014

There's a telnet debug shell vulnerability in the firmware of some HP laser printers, according to a warning from the US Computer Emergency Response Team (CERT).

The vulnerability note state that "certain HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data." The telnet debug shell carries the usernames and passwords of the party using the printer unencrypted, in the clear. The developer code apparently was left in the final production of various printer models.

Read More