Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OctoPrint Authenticated Reverse Proxy Page Authentication Bypass
Vulnerability Description
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用欺骗进行的认证绕过
Vulnerability Title
OctoPrint 安全漏洞
Vulnerability Description
OctoPrint是OctoPrint开源的一个应用程序。提供了一个快速的Web界面,用于控制消费类3D打印机。 OctoPrint 1.10.3及之前版本存在安全漏洞,该漏洞源于登录重定向绕过,可能导致前端页面HTML被直接访问。
CVSS Information
N/A
Vulnerability Type
N/A