HP DeskJet 2800 series printers are susceptible to a newly identified vulnerability, CVE-2026-13753, which allows unauthorized access to sensitive configuration data over a local network. The flaw affects devices running specific firmware versions, and no immediate fix is available, as reported by Cyber Insider.The vulnerability, disclosed by the CERT Coordination Center (CERT/CC), stems from a lack of authorization checks in the printer's embedded web server. This allows unauthenticated requests to backend API endpoints that should be protected. Attackers on the same network can exploit this to retrieve critical information, including Wi-Fi Direct credentials, SNMP configuration, serial numbers, and administrative security settings. This data could be leveraged for unauthorized network access, reconnaissance, or further attacks.CERT/CC was unable to coordinate the disclosure with HP, meaning a firmware update is not yet available. Until a patch is released, users are advised to limit access to the printer's web interface, place it on an isolated network, disable Wi-Fi Direct and SNMP if not necessary, and use firewall rules to restrict access. Disabling unused discovery and cloud services is also recommended.Source: Cyber Insider
Vulnerability Management
HP DeskJet 2800 series printers vulnerable to sensitive data exposure

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



