How CVE-2025-48067 Works
OctoPrint versions up to 1.11.7, as well as 2.0.0rc1 and 2.0.0rc2, contain a vulnerability that allows an attacker with the `FILE_UPLOAD` permission to exfiltrate files from the host system. The core issue lies in how OctoPrint’s custom Tornado upload handler interacts with the Flask web framework.
When a file is uploaded, the Tornado handler streams it to a temporary file on disk and rewrites the request, adding internal form fields that tell Flask where to locate this temporary file. These fields are reserved for internal use and should never be accepted from a client. The original fix for this vulnerability (CVE-2025-48067) in version 1.11.2 stripped these fields when sent as multipart form data. However, this fix was incomplete.
An attacker can still inject these reserved fields through other channels, such as plain query parameters. Additionally, because the Tornado handler and Flask (Werkzeug) do not parse requests identically, an attacker can smuggle these fields via “parser differentials”—requests that appear harmless to the Tornado handler but are parsed differently by Flask, which still sees the injected fields.
By exploiting these vectors, an attacker can make OctoPrint treat an arbitrary file on the host as a newly uploaded file and move it into the upload folder, where it can then be downloaded. This can lead to the exfiltration of sensitive files, such as configuration secrets, or the removal of critical runtime files, potentially causing a denial of service. The following endpoints are affected: /api/files/{local|sdcard}, /api/languages, /plugin/backup/restore, and /plugin/pluginmanager/upload_file. Third-party plugins with upload functionality may also be vulnerable.
DailyCVE Form:
Platform: OctoPrint
Version: ≤1.11.7, 2.0.0rc1, 2.0.0rc2
Vulnerability: File Extraction via Parameter Injection
Severity: Moderate
Date: 2026-06-23
Prediction: Already Patched (1.11.8, 2.0.0rc3)
What Undercode Say:
The incomplete fix for CVE-2025-48067 in version 1.11.2 left the door open for attackers to bypass the new restrictions. The primary risk is the exfiltration of sensitive configuration files and system secrets. While the requirement of a user account with `FILE_UPLOAD` permissions limits the attack surface, the potential for data breaches and service disruption remains significant. The official patch in versions 1.11.8 and 2.0.0rc3 implements a multi-layered defense: it rejects any request carrying reserved fields, aligns the Tornado handler’s request parsing with Flask’s to eliminate parser differentials, and re-validates the rewritten request before forwarding it to Flask.
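The following added example (not OctoPrint's own code) models in Python the difference between the incomplete fix, which stripped reserved fields from the multipart body only, and the patched behaviour described above, which rejects a request carrying a reserved field from any client-controlled channel before the handler sets those fields itself; the reserved field names, the temporary path and all function names are assumptions.

```python
from urllib.parse import parse_qs

# Hypothetical reserved names; the page does not list OctoPrint's real ones.
RESERVED_FIELDS = {"file.path", "file.name"}


class ReservedFieldError(ValueError):
    """Raised when a client tries to supply an internal upload field."""


def client_fields(query_string, multipart_fields):
    """All parameter names the client controls, across both channels."""
    names = set(parse_qs(query_string, keep_blank_values=True))
    names.update(multipart_fields)
    return names


def incomplete_fix(query_string, multipart_fields, tmp_path):
    """Models the 1.11.2 fix: strip reserved names from the multipart body only,
    then merge query and form into the request Flask sees. A reserved field that
    arrives via the query string survives and overrides the handler's own value."""
    form = {k: v for k, v in multipart_fields.items() if k not in RESERVED_FIELDS}
    merged = {k: v[0] for k, v in parse_qs(query_string).items()}
    merged.update(form)
    merged.setdefault("file.path", tmp_path)  # internal field set by the handler
    return merged["file.path"]


def patched_handler(query_string, multipart_fields, tmp_path):
    """Models the 1.11.8 behaviour: reject the request outright if any reserved
    name was supplied by the client, then set the internal fields server-side.
    The check must run on the same parsed view Flask will use, which is why the
    patch also aligns the Tornado handler's parsing with Flask's."""
    hit = client_fields(query_string, multipart_fields) & RESERVED_FIELDS
    if hit:
        raise ReservedFieldError(f"reserved field(s) from client: {sorted(hit)}")
    request = {k: v[0] for k, v in parse_qs(query_string).items()}
    request.update(multipart_fields)
    request["file.path"] = tmp_path  # only the handler decides this
    return request["file.path"]


def patched_accepts(query_string, multipart_fields):
    """True if the patched check lets the request through."""
    try:
        patched_handler(query_string, multipart_fields, "/tmp/placeholder")
        return True
    except ReservedFieldError:
        return False
```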
Exploit:
An attacker can exploit this vulnerability by crafting a malicious HTTP request to an affected upload endpoint. The request includes the reserved internal form fields—either as query parameters or through parser differentials—to trick OctoPrint into moving an arbitrary file from the host into the upload directory. The following is a conceptual example of how such an attack might be structured:
Example: exploiting via query parameter injection (conceptual; `field` stands in for a reserved internal field name):

```
curl -X POST "http://target-octoprint/api/files/local?field=../../../etc/passwd" \
  -H "Authorization: Bearer <API_KEY>" \
  -F "file=@/dev/null"
```
Affected Endpoints:
– `/api/files/{local|sdcard}`
– `/api/languages`
– `/plugin/backup/restore`
– `/plugin/pluginmanager/upload_file`
Protection:
- Upgrade OctoPrint to version 1.11.8 or 2.0.0rc3 immediately.
- Restrict `FILE_UPLOAD` permissions to only trusted users.
- Implement network-level access controls to limit who can reach the OctoPrint web interface.
- Monitor logs for unusual upload activity or requests containing unexpected parameters.
Impact:
- Confidentiality: An attacker can read any file on the host system that the OctoPrint process has access to, potentially exposing sensitive configuration data, API keys, and user information.
- Availability: By moving or deleting critical runtime files, an attacker could cause the OctoPrint service or the entire host to become unstable or fail to restart.
- Accountability: The attack requires a valid user account with `FILE_UPLOAD` permissions, which helps in auditing and tracing the attacker’s actions.
Sources:
Reported By: github.com