
SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-08-28



OctoPrint 3D Web Interfaces: EXPOSED, Port 5000 default

Published: 2018-08-28
Last Updated: 2018-08-28 20:23:09 UTC
by Richard Porter (Version: 2)

Okay folks, a reader reported in that they have found 3000+ exposed OctoPrint instances (thanks Kalaiarasu!) [1]. This web server binds to port 5000 by default, and the access controls [2] do not seem to offer much in the way of restricting access, except by user. If you have one of these running, do yourself a favor and check for internet-facing exposure.
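One way to run that check from the OctoPrint host itself, as an added example that is not part of the original diary or the OctoPrint project: it reads `ss -ltnH` output and reports which addresses port 5000 is bound to. It assumes a Linux host with `ss`; the function names are this example's own and the sample output is constructed.

```python
import ipaddress
import sys

OCTOPRINT_PORT = 5000  # default port named in the diary

# Constructed sample of `ss -ltnH` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:5000 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
"""

def split_local(field):
    """Split the ss 'Local Address:Port' field into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
    return addr, int(port)

def classify(addr):
    """Describe how widely a bind address can be reached."""
    if addr in ("*", "0.0.0.0", "::"):
        return "all-interfaces"
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback-only"
    if ip.is_private or ip.is_link_local:
        return "lan-address"
    return "public-address"

def audit(ss_output, port=OCTOPRINT_PORT):
    """Return a list of (address, verdict) for each listener on `port`."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] != "LISTEN":
            continue  # skips the header row and non-listening sockets
        addr, lport = split_local(cols[3])
        if lport == port:
            findings.append((addr, classify(addr)))
    return findings

if __name__ == "__main__":
    # Usage: ss -ltnH | python3 this_file.py  (falls back to the sample)
    text = SAMPLE_SS if sys.stdin.isatty() else sys.stdin.read()
    for addr, verdict in audit(text):
        print(f"port {OCTOPRINT_PORT} bound to {addr}: {verdict}")
```

An `all-interfaces` or `public-address` result means the listener is reachable by anything that can route to the host, so whether it is internet-facing then depends on the firewall and any router port forwarding in front of it.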

 

The docs indicate that you can have access to a remote webcam for status, among many other things [2]. The source code is up on GitHub [3] and is released as an open-source project.

We are researching this and will update this diary as we get info.

 

If you have one of these, let us know how you are securing it.

 

[1] https://octoprint.org/

[2] http://docs.octoprint.org/en/master/index.html

[3] https://github.com/foosel/OctoPrint

 

 

Richard Porter

--- ISC Handler on Duty
