CVE-2021-32560

CVE-2021-32560

EPSS 1.5%

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not *.log files.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/OctoPrint/OctoPrint/releases/tag/1.6.0 https://octoprint.org/blog/2021/04/27/new-release-1.6.0/https://www.brzozowski.io/web-applications/2021/05/11/the-insecure-story-of-octoprint.html