CVE-2025-58060

HIGH

OpenPrinting CUPS < 2.4.13 - Authentication Bypass via Basic Auth Header


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-58060. PoCs published by aniruddh-bhandarkar.

AI-analyzed exploit summary: The repository contains a Python-based scanner for CVE-2025-58060, which detects vulnerable CUPS versions and probes for an authentication bypass vulnerability. It includes version detection and active probing but does not contain exploit code for achieving remote code execution or other offensive actions.

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

Exploits (1)

nomisec SCANNER
by aniruddh-bhandarkar · poc
https://github.com/aniruddh-bhandarkar/cups-script-final-project


Classification: Scanner 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: CUPS (Common Unix Printing System) versions below 2.4.13
No auth needed
Prerequisites: Network access to the CUPS service (port 631) · CUPS service running on the target
devstral-2 · analyzed Apr 16, 2026

Scores

CVSS v3 8.0
EPSS 0.0096
EPSS Percentile 56.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-287
Status published
Products (1)
openprinting/cups < 2.4.13
Published Sep 11, 2025
Tracked Since Feb 18, 2026