Latest OctoPrint Vulnerabilities

OctoPrint Unverified Password Change via Access Control Settings
pip/OctoPrint<=1.9.3
Octoprint Octoprint<=1.9.3
OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that wi...
Octoprint Octoprint<1.9.3
pip/OctoPrint<1.9.3
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository octoprint/octoprint prior to 1.8.3.
Octoprint Octoprint<1.8.3
Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3.
Octoprint Octoprint<1.8.3
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
Octoprint Octoprint<1.8.3
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3.
Octoprint Octoprint<1.8.3
OctoPrint 1.7.3 and prior does not have rate limiting on the login page, making it possible for attackers to attempt brute force attacks. The severity of this issue is limited by OctoPrint normally ru...
pip/OctoPrint<=1.7.3
Octoprint Octoprint<1.9.0
Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0.
Octoprint Octoprint<1.8.0
Cross-site Scripting (XSS) - Generic in GitHub repository octoprint/octoprint prior to 1.8.0.
Octoprint Octoprint<1.8.0
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.
Octoprint Octoprint<1.6.0
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.
Octoprint Octoprint<1.6.0
pip/octoprint<1.6.0
<1.6.0
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance o...
Octoprint Octoprint<=1.3.9
<=1.3.9

© 2024 SecAlerts Pty Ltd.