CVE-2024-47850
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-47850 identifies a vulnerability in CUPS cups-browsed versions prior to 2.5b1, which allows an HTTP POST request to be sent to arbitrary destinations and ports upon receiving a specific IPP UDP packet. Affected products include zONetB, zONetA, zOe3fL, zNekTC, and zNekTD. This flaw poses a high risk as it can be exploited to facilitate Distributed Denial of Service (DDoS) amplification attacks, with an exploitability score of 3.9 and base severity rated as high (7.5). To mitigate this vulnerability, organizations are advised to update their CUPS installations to version 2.5b1 or later. The attack does not require user interaction or special privileges, increasing the potential threat level for networks utilizing affected products.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.