Overview
- Description
- CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- security-advisories@github.com
- CWE-1327
Social media
- Hype score
- Not currently trending
Our experts regularly update Core Impact's certified #exploit library. Get details on the latest additions, including CVE-2024-6769, CVE-2024-36401, CVE-2024-47176, CVE-2024-38054, CVE-2024-26230, CVE-2024-0799, CVE-2024-0800, and more. https://t.co/DziZgG9ccw https://t.co/gveK7y
@CoreSecurity
11 Nov 2024
401 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
"Cracking open the 'CUPS of chaos' with CVE-2024-47176. One crafty packet punches a 600x DDoS amplification. Still running 2007's CUPS version? @CyberSecPro, surely not! Patch or prepare for a botnet brewing in your backyard. #CyberSecurity #DDoS #UnixVulnerability #TimeToPatch"
@LimitedViewX
10 Nov 2024
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-47176
@transilienceai
23 Oct 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-47176
@transilienceai
20 Oct 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔴En este vídeo vamos a explotar la vulnerabilidad CUPS Command Injection (CVE-2024-47176) que nos permite inyectar comandos instalando una impresora maliciosa a través del puerto UDP 631. ¡Espero que os resulte útil! 🥷 👇👇👇 https://t.co/2HBZkcqRf4 https://t.co/2HBZkcqRf4 ht
@xerosec
148 Impressions
1 Retweet
8 Likes
1 Bookmark
0 Replies
0 Quotes
ثغرات متعددة في CUPS تتيح تنفيذ التعليمات البرمجية عن بُعد على نظام #Linux 1) cve-2024-47076 2) CVE-2024-47175 3) CVE-2024-47176 4) CVE-2024-47177 استعلام #Criminal_IP ✅title: CUPS port:631 ✅title: Home - CUPS port:631 https://t.co/TwVHxOmvB7 https://t.co/Dml9z1YZ7F
@CriminalIP_AR
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177: Linux OpenPrinting CUPS RCE GitHub.. https://t.co/J2CFFT1Qhx For more information about CUPS.(Printing system remote execution.. 👇 https://t.co/ELv0lGyaYU #CVE
@un_exceptional
13 Impressions
0 Retweets
1 Like
0 Bookmarks
2 Replies
0 Quotes
Actively exploited CVE : CVE-2024-47176
@transilienceai
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Our latest research reveals a critical #CUPS vulnerability chain, enabling unauthenticated Remote Code Execution (RCE). We explain how CVE-2024-47176 and others can be exploited worldwide. 👉 Learn more from the Ostorlab team: https://t.co/jjD40TE83h #cybersecurity #infosec #CVE
@OstorlabSec
108 Impressions
3 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes