HIGH🇵🇱 Wersja polska

CVE-2022-2822

CVSS 7.5v3.1pub. 2022-08-15upd. 2024-11-21

An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Octoprint

    APP
    Octoprint
    < 1.9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-16710CRITICAL9.1ten sam produkt

OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service v...

CVE-2025-58180HIGH7.5ten sam produkt

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and inclu...

CVE-2024-32977HIGH7.1ten sam produkt

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and inclu...

CVE-2022-3068HIGH8.8ten sam produkt

Improper Privilege Management in GitHub repository octoprint/octoprint prior to 1.8.3.

CVE-2022-2930HIGH7.8ten sam produkt

Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3.