Vulnerabilities > Octoprint

DATE CVE VULNERABILITY TITLE RISK
2024-11-05 CVE-2024-49377 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Octoprint
OctoPrint provides a web interface for controlling consumer 3D printers.
network
low complexity
octoprint CWE-80
6.1
2024-11-05 CVE-2024-51493 Missing Authentication for Critical Function vulnerability in Octoprint
OctoPrint provides a web interface for controlling consumer 3D printers.
network
low complexity
octoprint CWE-306
6.5
2024-01-31 CVE-2024-23637 Improper Authentication vulnerability in Octoprint
OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password.
network
low complexity
octoprint CWE-287
4.9
2023-10-09 CVE-2023-41047 Unspecified vulnerability in Octoprint
OctoPrint is a web interface for 3D printers.
local
low complexity
octoprint
6.5
2022-10-19 CVE-2022-3607 Injection vulnerability in Octoprint
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository octoprint/octoprint prior to 1.8.3.
local
low complexity
octoprint CWE-74
6.0
2022-09-21 CVE-2022-2888 Unspecified vulnerability in Octoprint
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
local
low complexity
octoprint
4.4
2022-09-21 CVE-2022-3068 Unspecified vulnerability in Octoprint
Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3.
network
low complexity
octoprint
8.8
2022-09-21 CVE-2022-2872 Unspecified vulnerability in Octoprint
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
network
low complexity
octoprint
5.4
2022-08-22 CVE-2022-2930 Unspecified vulnerability in Octoprint
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3.
local
low complexity
octoprint
7.8
2022-08-15 CVE-2022-2822 Unspecified vulnerability in Octoprint
An attacker can freely brute force username and password and can takeover any account.
network
low complexity
octoprint
7.5