vulnerability
FreeBSD: VID-24375796-7cbc-11ef-a3a9-001cc0382b2f (CVE-2024-47176): cups-filters -- remote code execution
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Sep 27, 2024 | Sep 29, 2024 | Jun 15, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Sep 27, 2024
Added
Sep 29, 2024
Modified
Jun 15, 2026
Description
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
Solutions
freebsd-upgrade-package-cups-filtersfreebsd-upgrade-package-cups
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.