{"uuid": "7cea3b09-1234-4d7b-a57c-22d9490ed692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47177", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15564", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47177\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE-2024-47176, this can lead to remote command execution.\n\nThis vulnerability has been disputed by a third party because `FoomaticRIPCommandLine` is functionality that is intended to execute administrator specified code.\n\ud83d\udccf Published: 2024-09-26T21:56:36.661Z\n\ud83d\udccf Modified: 2025-05-08T16:33:14.340Z\n\ud83d\udd17 References:\n1. https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47\n2. https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8\n3. https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5\n4. https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6\n5. https://bugzilla.suse.com/show_bug.cgi?id=1230931\n6. https://www.cups.org\n7. https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I", "creation_timestamp": "2025-05-08T17:24:19.000000Z"}