๐Ÿ” CVE Alert

CVE-2026-13753

HIGH 7.5

CVE-2026-13753

CVSS Score
7.5
EPSS Score
0.3%
EPSS Percentile
19th

A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive configuration data such as plaintext Wiโ€‘Fi Direct credentials, unique device identity information, and other administrative security state details. When accessed through the web interface, these setting pages explicitly require administrator credentials before sensitive information is displayed.

Vendor hp inc.
Product hp 2800 printer series
Published Jul 6, 2026
Last Updated Jul 8, 2026
Stay Ahead of the Next One

Get instant alerts for hp inc. hp 2800 printer series

Be the first to know when new high vulnerabilities affecting hp inc. hp 2800 printer series are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

HP Inc. / HP 2800 Printer Series
0 โ‰ค TBP1CN2612AR.

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
kb.cert.org: https://kb.cert.org/vuls/id/828543 kb.cert.org: https://www.kb.cert.org/vuls/id/828543