CVE-2008-4419

N/A Unknown
Published: February 05, 2009 Modified: April 23, 2026
View on NVD

Description

Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01623905
Source: cve@mitre.org
http://secunia.com/advisories/33779
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/500657/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/33611
Source: cve@mitre.org
http://www.securitytracker.com/id?1021687
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/0341
Source: cve@mitre.org
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01623905
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33779
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/500657/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/33611
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1021687
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/0341
Source: af854a3a-2127-422b-91ae-364da2661108

12 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.7%
71th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

hp

Related CVEs

CVE-2026-6977 7.3
CVE-2026-31685 N/A
CVE-2026-31684 N/A
CVE-2026-31683 N/A
CVE-2026-31682 N/A