CVE-2024-47177

Disclosure Date: September 26, 2024 •

CVE-2024-47177

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to FoomaticRIPCommandLine via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

OpenPrinting

Products

cups-filters

References

Canonical

CVE-2024-47177 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47177)

Exploit

PoCs that have not been added by contributors directly have been sourced from: nomi-sec/PoC-in-GitHub.
A PoC added here by the AKB Worker must have at least 2 GitHub stars.

cupspot-2024-47177 (https://github.com/referefref/cupspot-2024-47177) (Added by AKB Worker)