Описание
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7.
EPSS
Процентиль: 21%
0.00067
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 9.8
github
4 дня назад
Bambuddy Uses Hardcoded Secret Key + Many API Endpoints do not Require Authentication
EPSS
Процентиль: 21%
0.00067
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-306