CVE-2021-34086
10.01.2022, 14:10
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. They do not verify incoming requests.
| Vendor | Product | Version |
|---|---|---|
| ultimaker | ultimaker_s3_firmware | 𝑥 ≤ 6.3 |
| ultimaker | ultimaker_s5_firmware | 𝑥 ≤ 6.3 |
| ultimaker | ultimaker_3_firmware | 𝑥 ≤ 5.2.16 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References