CVE-2024-24051

Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md	Broken Link
https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md	Broken Link

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:monoprice:select_mini_3d_printer_v2_firmware:37.115.32:*:*:*:*:*:*:*

cpe:2.3:h:monoprice:select_mini_3d_printer_v2:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-12 18:15

Updated : 2025-03-25 17:15

NVD link : CVE-2024-24051

Mitre link : CVE-2024-24051

CVE.ORG link : CVE-2024-24051

JSON object : View

Products Affected

monoprice

select_mini_3d_printer_v2_firmware
select_mini_3d_printer_v2

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-24051", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-06-12T18:15:10.920", "references": [{"url": "https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://github.com/tkruppert/Reported_Vulnerabilities/blob/main/CVE-2024-24051.md", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file."}, {"lang": "es", "value": "La validaci\u00f3n de entrada incorrecta de los archivos de impresi\u00f3n en Monoprice Select Mini V2 V37.115.32 permite a los atacantes indicar a las partes m\u00f3viles del dispositivo destinos que exceden las coordenadas m\u00e1ximas de los dispositivos mediante la impresi\u00f3n de un archivo .gcode malicioso."}], "lastModified": "2025-03-25T17:15:50.743", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:monoprice:select_mini_3d_printer_v2_firmware:37.115.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D8D610F-4B1E-4736-AB77-311D52AAF424"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:monoprice:select_mini_3d_printer_v2:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CCF0FA4C-6C8C-4A3E-BFC7-4973389ED13D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}