Vulnerabilities in OctoPrint
20 results

CVE-2025-58180 | HIGH | OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload | EPSS 19.3%
CVE-2022-1430 | HIGH | Cross-site Scripting (XSS) - DOM in octoprint/octoprint | EPSS 1.3%
CVE-2022-1432 | HIGH | Cross-site Scripting (XSS) - Generic in octoprint/octoprint | EPSS 1.2%
CVE-2024-32977 | HIGH | OctoPrint Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled | EPSS 0.9%
CVE-2022-2822 | LOW | Authentication Bypass by Primary Weakness in octoprint/octoprint | EPSS 0.7%
CVE-2023-41047 | MEDIUM | Improper Neutralization of Special Elements Used in a Template Engine in OctoPrint | EPSS 0.6%
CVE-2022-2872 | LOW | Unrestricted Upload of File with Dangerous Type in octoprint/octoprint | EPSS 0.5%
CVE-2024-23637 | MEDIUM | OctoPrint Unverified Password Change via Access Control Settings | EPSS 0.5%
CVE-2026-23892 | MEDIUM | OctoPrint has Timing Side-Channel Vulnerability in API Key Authentication | EPSS 0.5%
CVE-2024-28237 | MEDIUM | OctoPrint XSS via the "Snapshot Test" feature in Classic Webcam plugin settings | EPSS 0.4%
CVE-2022-3068 | MEDIUM | Improper Privilege Management in octoprint/octoprint | EPSS 0.4%
CVE-2022-3607 | MEDIUM | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in octoprint/octoprint | EPSS 0.4%
CVE-2022-2930 | MEDIUM | Unverified Password Change in octoprint/octoprint | EPSS 0.3%
CVE-2024-51493 | MEDIUM | API key access in settings without reauthentication in OctoPrint | EPSS 0.3%
CVE-2022-2888 | MEDIUM | Insufficient Session Expiration in octoprint/octoprint | EPSS 0.3%
CVE-2024-49377 | MEDIUM | Jinja2 Templates are vulnerable to XSS attacks due to their configuration in OctoPrint | EPSS 0.3%
CVE-2025-48879 | MEDIUM | OctoPrint Vulnerable to Denial of Service through malformed HTTP request | EPSS 0.2%
CVE-2025-32788 | MEDIUM | OctoPrint Authenticated Reverse Proxy Page Authentication Bypass | EPSS 0.2%
CVE-2025-48067 | MEDIUM | OctoPrint vulnerable to possible file extraction via upload endpoints | EPSS 0.2%
CVE-2025-64187 | MEDIUM | OctoPrint is vulnerable to XSS through Action Command Notifications and Prompts | EPSS 0.1%