mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
2.9 KiB
2.9 KiB
CVE-2024-47176
Description
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDR_ANY:631, causing it to trust any packet from any source, and can cause the Get-Printer-Attributes IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
POC
Reference
- https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
- https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
- https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
- https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
Github
- https://github.com/0x7556/CVE-2024-47176
- https://github.com/0xCZR1/PoC-Cups-RCE-CVE-exploit-chain
- https://github.com/20142995/nuclei-templates
- https://github.com/782e616c6d/782e616c6d
- https://github.com/Alie-N/cups-vulnerability-exploit
- https://github.com/AxthonyV/CVE-2024-47176
- https://github.com/CrackerCat/feed
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/GO0dspeed/spill
- https://github.com/GraveRose/cups
- https://github.com/Kuri119/EvilCups
- https://github.com/MalwareTech/CVE-2024-47176-Scanner
- https://github.com/NIMRAA3/cisco-n-map-port-scanning-lab
- https://github.com/Ostorlab/KEV
- https://github.com/WillGAndre/WillGAndre
- https://github.com/aytackalinci/CVE-2024-47176
- https://github.com/cyb3r-w0lf/nuclei-template-collection
- https://github.com/fr33s0ul/CUPS-mitigation-script
- https://github.com/gianlu111/CUPS-CVE-2024-47176
- https://github.com/gonoph/ansible-mitigation
- https://github.com/gumerzzzindo/CVE-2024-47176
- https://github.com/l0n3m4n/CVE-2024-47176
- https://github.com/lkarlslund/jugular
- https://github.com/mr-r3b00t/CVE-2024-47176
- https://github.com/nma-io/CVE-2024-47176
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/onhexgroup/Exploits-Review
- https://github.com/referefref/cupspot-2024-47177
- https://github.com/rix4uni/medium-writeups
- https://github.com/tonyarris/CVE-2024-47176-Scanner
- https://github.com/workabhiwin09/CVE-2024-47176