CVE-2006-1654

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/04/2006
Last modified:
03/04/2025

Description

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hp:color_laserjet_2500_toolbox:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:color_laserjet_4600_toolbox:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet:4600dn:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet:4600dtn:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet:4600hdn:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*