Octoprint

Octoprint

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2026-23892

  • EPSS 0.01%
  • Veröffentlicht 27.01.2026 18:35:31
  • Zuletzt bearbeitet 02.02.2026 14:39:36

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up to and including 1.11.5 are affected by a (theoretical) timing attack vulnerability that allows API key extraction over the network. Due to using character...

4.4

CVE-2025-64187

  • EPSS 0.03%
  • Veröffentlicht 07.11.2025 03:11:34
  • Zuletzt bearbeitet 04.12.2025 21:37:04

OctoPrint provides a web interface for controlling consumer 3D printers. Versions 1.11.3 and below are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notifications and prompts popups generated b...

8.8

CVE-2025-58180

  • EPSS 1.03%
  • Veröffentlicht 09.09.2025 19:34:14
  • Zuletzt bearbeitet 18.09.2025 17:37:54

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.2 contain a vulnerability that allows an authenticated attacker to upload a file under a specially crafted filename that will allo...

6.5

CVE-2025-48879

  • EPSS 0.02%
  • Veröffentlicht 10.06.2025 15:23:54
  • Zuletzt bearbeitet 12.08.2025 13:32:55

OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive...

4.6

CVE-2025-48067

  • EPSS 0.04%
  • Veröffentlicht 10.06.2025 15:19:44
  • Zuletzt bearbeitet 12.08.2025 13:44:39

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows an attacker with the FILE_UPLOAD permission to exfiltrate files from the host that OctoPrint...

4.3

CVE-2025-32788

  • EPSS 0.09%
  • Veröffentlicht 22.04.2025 17:14:39
  • Zuletzt bearbeitet 27.06.2025 15:40:23

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain front...

6.5

CVE-2024-51493

  • EPSS 0.08%
  • Veröffentlicht 05.11.2024 19:15:07
  • Zuletzt bearbeitet 18.12.2024 16:34:37

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain a vulnerability that allows an attacker that has gained temporary control over an authenticated victim's OctoPrint brows...

6.1

CVE-2024-49377

  • EPSS 0.25%
  • Veröffentlicht 05.11.2024 19:15:05
  • Zuletzt bearbeitet 18.12.2024 16:31:26

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain reflected XSS vulnerabilities in the login dialog and the standalone application key confirmation dialog. An attacker w...

9.4

CVE-2024-32977

Exploit
  • EPSS 0.12%
  • Veröffentlicht 14.05.2024 16:17:12
  • Zuletzt bearbeitet 10.04.2025 20:33:40

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the `autologinLocal` ...

4.8

CVE-2024-28237

Exploit
  • EPSS 0.37%
  • Veröffentlicht 18.03.2024 22:15:07
  • Zuletzt bearbeitet 08.01.2025 16:22:58

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to configure or talk a victim with administrator rights into configuring a w...