HP Jetdirect Path Traversal Arbitrary Code Execution
Posted by deepcore on August 28, 2018 – 6:45 am
This Metasploit module exploits a path traversal via Jetdirect to gain arbitrary code execution by writing a shell script that is loaded on startup to /etc/profile.d. Then, the printer is restarted using SNMP. A large amount of printers are impacted.
Post a reply
You must be logged in to post a comment.