Fluid Attacks Database

Description

CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to INADDR_ANY:631, causing it to trust any packet from any source, and can cause the Get-Printer-Attributes IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	cups-filters	>=0 <1.28.17-5	1.28.17-5
debian 11	cups-filters	=1.28.7-1 \|\| =1.28.7-1+deb11u1 \|\| =1.28.7-1+deb11u2 \|\| >=0 <1.28.7-1+deb11u3	1.28.7-1+deb11u3
debian 12	cups-filters	=1.28.17-3 \|\| >=0 <1.28.17-3+deb12u1	1.28.17-3+deb12u1
debian 14	cups-filters	>=0 <1.28.17-5	1.28.17-5
rpm rhel9.2	cups-filters	<0:1.28.7-11.el9_2.2	0:1.28.7-11.el9_2.2
rpm rhel7	cups-filters	-	-
rpm rhel8	cups-filters	<0:1.20.0-35.el8_10	0:1.20.0-35.el8_10
rpm rhel8.8	cups-filters	<0:1.20.0-29.el8_8.3	0:1.20.0-29.el8_8.3
rpm rhel9	cups-filters	<0:1.28.7-17.el9_4	0:1.28.7-17.el9_4

Aliases

1. CVE-2024-471762. NVD-2024-471763. OSV-DEBIAN-2024-471764. OSV-2024-471765. SECURITY-TRACKER-CVE-2024-47176

References

1. https://vulncheck.com/cve/CVE-2024-471762. https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2024/CVE-2024-47176.yaml3. https://github.com/GO0dspeed/spill4. https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/cups_ipp_remote_code_execution.rb

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.