vulnerability

CUPS: CVE-2024-47176: Unvalidated UDP Binds

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	2024-09-26	2024-09-26	2024-09-30

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

2024-09-26

Added

2024-09-26

Modified

2024-09-30

Description

Affecting cups-browsed less than or equal to 2.0.1: binds on UDP INADDR_ANY:631 trusting any packet from any source to trigger a Get-Printer-Attributes IPP request to an attacker controlled URL.

Solution

misc-no-solution-exists

References

CVE-2024-47176
https://attackerkb.com/topics/CVE-2024-47176
URL-https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today