Jump to content
Ultimaker Community of 3D Printing Experts

Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability


Recommended Posts

Posted · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

Hi all.  I just got a new Ultimaker 3.  Today, our network security folks said their tests show that it suffers from  "Nginx Remote Integer Overflow Vulnerability"

 

To fix it, they say to install NginX 1.13.3; 1.12.1 or later version.  I don't know if this is even possible given it is a 3D printer and not really a web server.

 

 

 

  • Link to post
    Share on other sites
    • 3 weeks later...
    Posted · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

    I'm told changing to a non-scanned port may work.

     

    Is there a way to change the default port for the http server running on the Ultimaker 3?

  • Link to post
    Share on other sites
    Posted (edited) · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

    I have not tested this, but upgrading NginX could be "as simple as" enabling developer mode, logging in to the printer as root/ultimaker over ssh, and running "apt update && apt upgrade nginx" (or nginx-light)

    Edited by ahoeben
  • Link to post
    Share on other sites

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
    ×
    ×
    • Create New...