vulnerability

CUPS: CVE-2024-47176: Unvalidated UDP Binds

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	Sep 26, 2024	Sep 26, 2024	Sep 30, 2024

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

Sep 26, 2024

Added

Sep 26, 2024

Modified

Sep 30, 2024

Description

Affecting cups-browsed less than or equal to 2.0.1: binds on UDP INADDR_ANY:631 trusting any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL.

Solution

misc-no-solution-exists

References

CVE-2024-47176
https://attackerkb.com/topics/CVE-2024-47176
URL-https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today