CVE-2024-47177

Published Sep 26, 2024

Last updated 2 months ago

CVSS critical 9.0

Overview

Description
CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9
Impact score
6
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-77

Social media

Hype score
Not currently trending

  1. Actively exploited CVE : CVE-2024-47177

    @transilienceai

    30 Oct 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. Actively exploited CVE : CVE-2024-47177

    @transilienceai

    29 Oct 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE : CVE-2024-47177

    @transilienceai

    25 Oct 2024

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. Actively exploited CVE : CVE-2024-47177

    @transilienceai

    20 Oct 2024

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  5. CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177: Linux OpenPrinting CUPS RCE GitHub.. https://t.co/J2CFFT1Qhx For more information about CUPS.(Printing system remote execution.. 👇 https://t.co/ELv0lGyaYU #CVE

    @un_exceptional

    13 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    2 Replies

    0 Quotes

  6. Actively exploited CVE : CVE-2024-47177

    @transilienceai

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. ثغرات متعددة في CUPS تتيح تنفيذ التعليمات البرمجية عن بُعد على نظام #Linux 1) cve-2024-47076 2) CVE-2024-47175 3) CVE-2024-47176 4) CVE-2024-47177 استعلام #Criminal_IP ✅title: CUPS port:631 ✅title: Home - CUPS port:631 https://t.co/TwVHxOmvB7 https://t.co/Dml9z1YZ7F

    @CriminalIP_AR

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References