CVE-2018-16710

Name of the Vulnerable Software and Affected Versions OctoPrint versions 1.3.9 and earlier

Description The issue allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. The vendor disputes the significance of this report, citing their documentation that warns against putting OctoPrint onto the public internet due to security concerns.

Recommendations For OctoPrint versions 1.3.9 and earlier, consider restricting access to port 8081 to minimize the risk of exploitation. As a temporary workaround, limit public exposure of OctoPrint instances, following the vendor's guidance on secure configuration. At the moment, there is no information about a newer version that contains a fix for this vulnerability.