CVE-2024-8374 | Ultimaker Cura up to 5.7.2 3MF Format Reader ThreeMFReader.py drop_to_buildplate code injection

Posted by Angelo Barbosa | Sep 3, 2024 | CVE

A vulnerability was found in Ultimaker Cura up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /plugins/ThreeMFReader.py of the component 3MF Format Reader. The manipulation of the argument drop_to_buildplate leads to code injection.

The identification of this vulnerability is CVE-2024-8374. The attack may be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-8374 | Ultimaker Cura up to 5.7.2 3MF Format Reader ThreeMFReader.py drop_to_buildplate code injection

Related Posts

CVE-2024-4728 | Campcodes Legal Case Management System 1.0 /admin/court court_name cross site scripting

CVE-2024-36502 | Huawei HarmonyOS/EMUI Audio Module out-of-bounds

CVE-2024-29477 | Dolibarr ERP CRM up to 19.0.0 Privilege Escalation

CVE-2023-42956 | Apple Safari Web Content memory corruption