HP Printer security flaw allows hackers to extract passwords

Owners of certain HP LaserJet Pro printers are being advised to protect themselves against a security vulnerability “as soon as possible”, after researchers found it was possible to remotely access admin passwords and other information.

The vulnerability, dubbed CVE-2013-4807, was discovered by Michał Sajdak of Securitum.pl who described how hackers could extract plaintext admin passwords via hidden URLs hardcoded into the printers’ hardware.

Sajdak discovered that if you access vulnerable LaserJet printers via a URL like this:

http://IP_ADDRESS/dev/save_restore.xml

you are not required to authenticate yourself, and a number of parameters are easily accessible.

For instance, in his example, Sajdak found a hex representation of the admin password:

[Image: HP printer reveals password in hexadecimal]

In this case, 0x746573746f7765 is the hex equivalent of “testowe”.

Furthermore, Sajdak found that WiFi-enabled printers could leak the network’s WPS PIN:

http://IP_ADDRESS:8080/IoMgmt/Adapters/wifi0/WPS/Pin

[Image: HP printer reveals WPS PIN]

The good news is that the security vulnerability was disclosed responsibly to Hewlett-Packard, and firmware updates for affected printers are available for users to download.


The bad news is that many printer owners probably aren’t aware that the security issue exists, or simply won’t bother to apply the firmware update.

HP Security advisory

According to the security advisory published by Hewlett-Packard, a patch for the vulnerability is available for the following printers: HP LaserJet Pro P1102w, HP LaserJet Pro P1606dn, HP LaserJet Pro M1212nf MFP, HP LaserJet Pro M1213nf MFP, HP LaserJet Pro M1214nfh MFP, HP LaserJet Pro M1216nfh MFP, HP LaserJet Pro M1217nfw MFP, HP LaserJet Pro M1218nfs MFP, and HP LaserJet Pro CP1025nw.
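
For anyone who wants to know whether printers on their own network have been asked for the two URLs described above, and whether they answered, here is an added example (not from the original article, HP or Securitum). It assumes a proxy or firewall log in a simple one-request-per-line layout; that layout, the function names and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# The two unauthenticated paths named in the article, lower-cased for matching.
SENSITIVE = {
    "/dev/save_restore.xml": "config dump with admin password",
    "/iomgmt/adapters/wifi0/wps/pin": "WPS PIN",
}

# Assumed (constructed) log layout: time src dst:port METHOD path status
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<dst>[^:\s]+):(?P<port>\d+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)


def find_hits(lines):
    """Map printer IP -> list of (time, client, what, served) for the two paths.

    served is True when the printer answered 200, meaning it handed the data
    to an unauthenticated client and most likely lacks the firmware update.
    """
    hits = defaultdict(list)
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not in the assumed layout
        # Normalise so %-encoding, case, query strings and a trailing slash
        # do not hide a request from the match.
        path = unquote(m["path"]).split("?", 1)[0].rstrip("/").lower()
        what = SENSITIVE.get(path)
        if what:
            hits[m["dst"]].append((m["ts"], m["src"], what, m["status"] == "200"))
    return dict(hits)


def unpatched(hits):
    """Printers that served at least one of the paths with a 200."""
    return sorted(ip for ip, rows in hits.items() if any(r[3] for r in rows))


# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE = [
    "2013-08-07T09:14:02Z 192.0.2.44 198.51.100.10:80 GET /dev/save_restore.xml 200",
    "2013-08-07T09:14:05Z 192.0.2.44 198.51.100.10:8080 GET /IoMgmt/Adapters/wifi0/WPS/Pin 200",
    "2013-08-07T09:15:40Z 192.0.2.44 198.51.100.11:80 GET /dev/save_restore.xml 401",
    "2013-08-07T09:16:00Z 192.0.2.7 198.51.100.10:80 GET /index.html 200",
]
```

Any printer returned by `unpatched()` should get the firmware update, and its admin password and WPS PIN should be treated as disclosed to the client shown in the hit.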


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast.

2 comments on “HP Printer security flaw allows hackers to extract passwords”

  1. Carson

    I don't quite get it. This does not seem like it was done by accident; in fact it is rather obvious that these URLs were there for a reason. How could one think that storing a root password or WPS pin in plain text/hex is acceptable? Why the software developer did this I have no clue.
