Lucene search
K

316 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:19 p.m.10 views

CVE-2021-32560

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...

6.5CVSS6.8AI score0.0149EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.7 views

CVE-2021-32561

OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters...

6.1CVSS6AI score0.01143EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:45 a.m.9 views

CVE-2018-16710

OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the...

9.1CVSS7.1AI score0.0209EPSS
Exploits1References1
Snyk
Snyk
added 2025/05/01 6:31 a.m.1 views

User Impersonation

Overview OctoPrint is a snappy web interface for your 3D printer Affected versions of this package are vulnerable to User Impersonation via the X-Preemptive-Recording HTTP header. An attacker could bypass the login redirect and directly access the HTML of certain frontend pages by adding the HTTP...

6.9CVSS7AI score0.00214EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/26 12:6 a.m.5 views

CVE-2025-32788

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS7AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/04/22 6:15 p.m.7 views

CVE-2025-32788

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS0.00214EPSS
Exploits0References2
PyPA
PyPA
added 2025/04/22 6:15 p.m.19 views

PYSEC-2025-56

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS7AI score0.00214EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/04/22 6:15 p.m.5 views

PYSEC-2025-56

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS7.3AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 2025/04/22 5:14 p.m.71 views

CVE-2025-32788

CVE-2025-32788 – OctoPrint Up to version 1.10.3, OctoPrint could bypass the login redirect and directly access rendered HTML of certain frontend pages by abusing authentication checks. The issue centers on the frontend authentication flow, notably functions like require_login, require_login_with,...

4.3CVSS4.8AI score0.00214EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/22 5:14 p.m.6 views

CVE-2025-32788 OctoPrint Authenticated Reverse Proxy Page Authentication Bypass

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS7.3AI score0.00214EPSS
Exploits0References2
OSV
OSV
added 2025/04/22 5:14 p.m.7 views

CVE-2025-32788 OctoPrint Authenticated Reverse Proxy Page Authentication Bypass

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS6.7AI score0.00214EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/22 5:14 p.m.14 views

CVE-2025-32788 OctoPrint Authenticated Reverse Proxy Page Authentication Bypass

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential...

4.3CVSS0.00214EPSS
Exploits0References2
OSV
OSV
added 2025/04/22 4:49 p.m.6 views

GHSA-QW93-H6PF-226X OctoPrint Authenticated Reverse Proxy Page Authentication Bypass

Impact OctoPrint versions up until and including 1.10.3 contain a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The impact on data exposure is minimal because, typically, data is loaded via API requests that...

4.3CVSS6.8AI score0.00214EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/04/22 4:49 p.m.10 views

OctoPrint Authenticated Reverse Proxy Page Authentication Bypass

Impact OctoPrint versions up until and including 1.10.3 contain a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The impact on data exposure is minimal because, typically, data is loaded via API requests that...

4.3CVSS6.8AI score0.00214EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.5 views

PT-2025-17558 · Octoprint · Octoprint

Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.10.3 Description: OctoPrint provides a web interface for controlling consumer 3D printers. The issue allows an attacker to bypass the login redirect and directly access the rendered HTML of certain...

4.3CVSS6.5AI score0.00214EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.14 views

OctoPrint 安全漏洞

OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.10.3 and earlier versions, which stems from a login redirection bypass that could result in direct access to front-end page...

4.3CVSS6.3AI score0.00214EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/18 7:25 p.m.5 views

Improper Validation of Certificate with Host Mismatch

Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in components/octoprint, which uses custom Octoprint HTTP sessions. The default ssl parameter configuration uses the value False or None, which causes the SSL verification...

8.3CVSS6.8AI score0.00229EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 10:58 p.m.5 views

CVE-2022-1430

Cross-site Scripting XSS - DOM in GitHub repository octoprint/octoprint prior to 1.8.0...

7.5CVSS6AI score0.01275EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:50 p.m.8 views

CVE-2022-1432

Cross-site Scripting XSS - Generic in GitHub repository octoprint/octoprint prior to 1.8.0...

7.5CVSS5.9AI score0.01152EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:55 a.m.8 views

CVE-2024-32977

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if the...

9.4CVSS7.2AI score0.00897EPSS
Exploits1References1
Rows per page
Query Builder