OctoPrint Remote Information Disclosure and Denial of Service Vulnerability

OctoPrint Remote Information Disclosure and Denial of Service Vulnerability

CVE-2018-16710 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough.

Learn more about our Cis Benchmark Audit For Print Devices.