Description
The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server.
References (2)
Core 2
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520
Broken Link x_refsource_misc
https://secur3.us/index.php/vulnerabilities/
Scores
CVSS v3
7.5
EPSS
0.0117
EPSS Percentile
63.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
makerbot/replicator_5th_generation_firmware
Published
Jun 24, 2019
Tracked Since
Feb 18, 2026