VDB

GCVE-110-NCSC-2024-384

GCVE-110-NCSC-2024-384
Advisory PublishedCVSS 8.3/10
Vulnetix · Advisory published September 27, 2024
Onlangs zijn er door een onderzoeker een aantal kwetsbaarheden ontdekt in CUPS die kunnen leiden tot Remote Code Execution. Deze zijn bekend gemaakt als "9.9 RCE affecting all GNU/Unix systems".

Weaknesses (CWE)

CWE-20Improper Input ValidationCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')

Risk Scores

CVSS 3.1
8.3/10
High · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Threat Intelligence

Snort Rules (1)

1001764 — ET INFO Possible CUPS browsed Get-Printer-Attributes request to attacker controlled URL (CVE-2024-47176)

Affected Products

VendorProductVersionsPlatforms
openprintingcups-filters
openprintingcups-browsed
openprintinglibcupsfilters

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›