CVE-2026-13753
CVE-2026-13753
CVSS Score
7.5
EPSS Score
0.3%
EPSS Percentile
19th
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive configuration data such as plaintext WiโFi Direct credentials, unique device identity information, and other administrative security state details. When accessed through the web interface, these setting pages explicitly require administrator credentials before sensitive information is displayed.
| Vendor | hp inc. |
| Product | hp 2800 printer series |
| Published | Jul 6, 2026 |
| Last Updated | Jul 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for hp inc. hp 2800 printer series
Be the first to know when new high vulnerabilities affecting hp inc. hp 2800 printer series are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
HP Inc. / HP 2800 Printer Series
0 โค TBP1CN2612AR.