CVE-2024-47076

HIGH

libcupsfilters < 2.0.0 - Improper Input Validation in cfGetPrinterAttributes5

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-47076. PoCs published by mutkus, Simone Margaritelli, Rick de Jager, s ipp-server, , # mDNS functionality, ,, including Metasploit module exploits/multi/misc/cups_ipp_remote_code_execution.

AI-analyzed exploit summary This repository contains a README describing CVE-2024-47076, a vulnerability in CUPS (Common UNIX Printing System), but does not include any exploit code or scanner scripts. It references a blog post for further details.

Description

CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system.

Exploits (2)

nomisec WRITEUP
by mutkus · poc
https://github.com/mutkus/CVE-2024-47076

This repository contains a README describing CVE-2024-47076, a vulnerability in CUPS (Common UNIX Printing System), but does not include any exploit code or scanner scripts. It references a blog post for further details.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: CUPS (Common UNIX Printing System)
No auth needed
Prerequisites: CUPS installed on Linux/Unix systems
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by Simone Margaritelli, Rick de Jager, s ipp-server, , # mDNS functionality, , · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/cups_ipp_remote_code_execution.rb

This Metasploit module exploits multiple CUPS vulnerabilities (CVE-2024-47076, etc.) by advertising a malicious printer via mDNS and IPP, achieving remote code execution when a victim sends a print job. It includes detailed IPP protocol implementation and multicast DNS handling.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: OpenPrinting CUPS (cups-browsed <= 2.0.1, libcupsfilters <= 2.1b1, libppd <= 2.1b1, cups-filters <= 2.0.1)
No auth needed
Prerequisites: LAN access · victim interaction (sending print job)
devstral-2 · analyzed Mar 05, 2026 Full analysis →

References (9)

Core 9
Core References
Product x_refsource_misc
https://www.cups.org

Scores

CVSS v3 8.6
EPSS 0.7585
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (2)
openprinting/libcupsfilters 2.1 beta1
openprinting/libcupsfilters < 2.0.0
Published Sep 26, 2024
Tracked Since Feb 18, 2026