Unrated severity · NVD Advisory · Published Sep 26, 2024 · Updated Nov 4, 2025
cups-browsed binds to `INADDR_ANY:631`, trusting any packet from any source
CVE-2024-47176
Description
CUPS is a standards-based, open-source printing system, and cups-browsed contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. cups-browsed binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can be made to send a `Get-Printer-Attributes` IPP request to an attacker-controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
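A host-side check for the exposure described above, added here as an example and not taken from the advisory or the cups-browsed project: it parses the Linux `/proc/net/udp` table for sockets bound to the wildcard address on port 631 (cups-browsed listens on UDP). The sample table is constructed, and the function names are this example's own.

```python
import ipaddress

IPP_PORT = 631  # port named in the advisory

# Constructed sample in /proc/net/udp layout (not captured from a real host).
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  512: 00000000:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23456 2 0000000000000000 0
  890: 0100007F:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 23460 2 0000000000000000 0
 1203: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000   115        0 19871 2 0000000000000000 0
"""


def decode_local(field):
    """Split 'HEXADDR:HEXPORT' into (address string, port, is_wildcard)."""
    addr_hex, port_hex = field.split(":")
    wildcard = int(addr_hex, 16) == 0
    if len(addr_hex) == 8:
        # IPv4 is stored as a little-endian 32-bit word on x86/ARM hosts.
        addr = str(ipaddress.IPv4Address(bytes.fromhex(addr_hex)[::-1]))
    else:
        addr = "::" if wildcard else addr_hex  # IPv6 left undecoded unless wildcard
    return addr, int(port_hex, 16), wildcard


def wildcard_udp_listeners(table_text, port=IPP_PORT):
    """Return sockets bound to the wildcard address on `port`."""
    hits = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10:
            continue
        addr, lport, wildcard = decode_local(cols[1])
        if lport == port and wildcard:
            hits.append({"local": f"{addr}:{lport}",
                         "uid": int(cols[7]), "inode": int(cols[9])})
    return hits


if __name__ == "__main__":
    # On a Linux host, check the live IPv4 and IPv6 tables.
    for path in ("/proc/net/udp", "/proc/net/udp6"):
        try:
            with open(path) as fh:
                for hit in wildcard_udp_listeners(fh.read()):
                    print(path, hit)  # map the inode to a process via /proc/<pid>/fd
        except OSError:
            pass
```

A hit only shows that some process holds a wildcard UDP socket on port 631; resolving the inode to its owning process confirms whether that process is cups-browsed.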
Affected products
- pkg:deb/ubuntu/cups-browsed@2.0.1-0ubuntu2.1?arch=source&distro=oracular (no CPE), range: < 2.0.1-0ubuntu2.1
- pkg:rpm/opensuse/cups-filters&distro=openSUSE%20Leap%2015.5 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/opensuse/cups-filters&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/opensuse/cups-filters&distro=openSUSE%20Tumbleweed (no CPE), range: < 1.28.17-5.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Enterprise%20Storage%207.1 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 1.0.58-19.26.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 1.0.58-19.26.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Manager%20Proxy%204.3 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/cups-filters&distro=SUSE%20Manager%20Server%204.3 (no CPE), range: < 1.25.0-150200.3.16.1
- pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- pkg:rpm/suse/poppler&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- pkg:rpm/suse/poppler-qt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 0.43.0-16.49.1
- OpenPrinting/cups-browsed (v5), range: <= 2.0.1
Patches
No patches discovered yet.
References
- github.com/OpenPrinting/cups-browsed/blob/master/daemon/cups-browsed.c (mitre, x_refsource_MISC)
- github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8 (mitre, x_refsource_CONFIRM)
- github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47 (mitre, x_refsource_MISC)
- github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5 (mitre, x_refsource_MISC)
- github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6 (mitre, x_refsource_MISC)
- www.cups.org (mitre, x_refsource_MISC)
- www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I (mitre, x_refsource_MISC)