Unauthorized Access Vulnerability in HP Deskjet 2800 Printers Exposed
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR have a missing authorization vulnerability (CVE-2026-13753) that allows unauthenticated access to sensitive webserver API endpoints. Attackers can exploit this flaw to retrieve plaintext Wi-Fi Direct credentials, device identity information, and other administrative data. The vulnerability arises from a lack of authentication checks on backend API endpoints, which normally require admin credentials through the web interface. As of now, there is no available firmware patch from HP, and users are advised to restrict network access and disable unnecessary features to mitigate risks. The vulnerability was reported by researcher Nguyễn Tiến Dũng. The CVSS base score assigned to this vulnerability is 7.5, indicating a high severity level.
Key Points: • HP Deskjet 2800 Printers are vulnerable to CVE-2026-13753 due to missing authorization checks. • Attackers can access sensitive configuration data, including Wi-Fi credentials, without authentication. • No firmware patch is available; users should restrict network access to mitigate risks.