Vulnerability Details CVE-2018-1000537
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.066
EPSS Ranking 90.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-1000537
-
cpe:2.3:o:marlinfw:marlin_firmware:1.0.0
-
cpe:2.3:o:marlinfw:marlin_firmware:1.0.1
-
cpe:2.3:o:marlinfw:marlin_firmware:1.0.2
-
cpe:2.3:o:marlinfw:marlin_firmware:1.0.2-1
-
cpe:2.3:o:marlinfw:marlin_firmware:1.0.2-2
-
cpe:2.3:o:marlinfw:marlin_firmware:1.1.0