Printer vulnerabilities via firmware update

Posted Dec 1, 2011 10:59 UTC (Thu) by intgr (subscriber, #39733)
In reply to: Printer vulnerabilities via firmware update by james
Parent article: Printer vulnerabilities via firmware update

> I'd suggest doing it through a password-protected web interface instead
99% of which still have the default password set.

to post comments

Printer vulnerabilities via firmware update

Posted Dec 1, 2011 17:22 UTC (Thu) by cesarb (subscriber, #6266) [Link]

> 99% of which still have the default password set.

Or the password is set but does not make much effect. On a printer we have here at work, I set the administrator password to prevent people from accidentally changing the settings. Imagine my surprise when I found out the settings had changed anyway.

It seems that, when installing the Windows driver for that printer, it has a wizard to set up the printer (configuring the fax settings and a few other things). That wizard seemed to completely ignore the administrator password I had set on the web interface.