Love your Prusa printer? Share your experience today and get rewarded 🚀 Earn $30 Prusa e-shop vouchers—and your friends get a free Prusament spool.
3D Models LearningOther 3D Objects for Learning

CVE-2024-8374 PoC

0 reviews
This is a proof-of-concept for UltiMaker Cura code execution vulnerability (CVE-2024-8374).
1
15
0
77
updated November 7, 2024

Description

PDF

This model is completely harmless to your device and serves only as a proof-of-concept for security research on UltiMaker Cura versions 5.7.0 to 5.7.2, which are vulnerable to code execution through 3MF model loading.

Opening poc-code-execution.3mf with vulnerable Cura version will spawn a calculator application on your computer.

IMPORTANT NOTICE:

If you're using a vulnerable version of Cura (5.7.0 to 5.7.2), it is HIGHLY RECOMMENDED that you upgrade to Cura 5.8.0 or later, where this vulnerability has been addressed and mitigated.

For further information, please refer to Checkmarx ZERO blogpost.

Tags

curapocvulnerability

Model origin

The author marked this model as their own original creation.

License