CVE-2018-16710

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-16710
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16710.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-16710
Published
2018-09-07T19:29:00.537Z
Modified
2026-04-10T04:09:40.876359Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough.

References

Affected packages

Git / github.com/foosel/octoprint

Affected ranges

Type
GIT
Repo
https://github.com/foosel/octoprint
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
97d37c50787a6915cc61e0d0158ea98c7648bd1a
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.3.9"
        }
    ]
}

Affected versions

1.*
1.1.0-dev
1.2.0
1.2.0-dev
1.2.0-rc1
1.2.0-rc2
1.2.0-rc3
1.2.1
1.2.10
1.2.11
1.2.12
1.2.13
1.2.14
1.2.15
1.2.16
1.2.16rc1
1.2.16rc2
1.2.17rc1
1.2.17rc2
1.2.17rc3
1.2.18
1.2.18rc1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.3.1rc1
1.3.2rc1
1.3.3rc1
1.3.3rc2
1.3.5rc1
1.3.6rc1
1.3.7rc1
1.3.9
1.3.9rc1
1.3.9rc2
1.3.9rc3
1.3.9rc4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16710.json"