Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OctoPrint Unverified Password Change via Access Control Settings
Vulnerability Description
OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an admin account might use this to lock out actual admins from their OctoPrint instance. The vulnerability will be patched in version 1.10.0.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
OctoPrint 安全漏洞
Vulnerability Description
OctoPrint是一个应用程序。提供了一个快速的Web界面,用于控制消费类3D打印机。 OctoPrint 1.9.3版本及之前版本存在安全漏洞。攻击者利用该漏洞可以更改其他管理员帐户的密码。
CVSS Information
N/A
Vulnerability Type
N/A