3 matches found
CVE-2024-23637
OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...
CVE-2024-23637
OctoPrint (web interface for 3D printers) contains a vulnerability in versions up to 1.9.3 that allows a malicious admin to change the password of other admin accounts (including their own) without re-authenticating. The issue would let an attacker who hijacks an admin session lock out legitimate...
CVE-2024-23637 OctoPrint Unverified Password Change via Access Control Settings
OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...