Jump to content
burhop

Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

Recommended Posts

Posted · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

Hi all.  I just got a new Ultimaker 3.  Today, our network security folks said their tests show that it suffers from  "Nginx Remote Integer Overflow Vulnerability"

 

To fix it, they say to install NginX 1.13.3; 1.12.1 or later version.  I don't know if this is even possible given it is a 3D printer and not really a web server.

 

 

 

Share this post


Link to post
Share on other sites
Posted · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

I'm told changing to a non-scanned port may work.

 

Is there a way to change the default port for the http server running on the Ultimaker 3?

Share this post


Link to post
Share on other sites
Posted (edited) · Ulitimaker 3 - Nginx Remote Integer Overflow Vulnerability

I have not tested this, but upgrading NginX could be "as simple as" enabling developer mode, logging in to the printer as root/ultimaker over ssh, and running "apt update && apt upgrade nginx" (or nginx-light)

Edited by ahoeben

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Welcome to the Ultimaker Community of 3D printing experts. Visit the following links to read more about our Terms of Use or our Privacy Policy. Thank you!