Description

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0.

INFO

Published Date :

2025-04-22T17:14:39.690Z

Last Modified :

2025-04-25T16:03:30.506Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-32788 vulnerability.

Vendors Products
Octoprint
  • Octoprint
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-32788.

URL Resource
https://github.com/OctoPrint/OctoPrint/commit/41ff431014edfa18ca1a01897b10463934dc7fc2 cve-icon cve-icon
https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-qw93-h6pf-226x cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact