CVE-2025-32788 — MEDIUM (4.3)

Q: How severe is CVE-2025-32788?

CVE-2025-32788 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-32788?

Check the references section above for vendor advisories and patch information. Affected products include: Octoprint Octoprint.

Vulnerability Description

OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Octoprint	Octoprint	< 1.11.0

Related Weaknesses (CWE)

CWE-290

References

FAQ

What is CVE-2025-32788?

CVE-2025-32788 is a vulnerability with a CVSS score of 4.3 (MEDIUM). OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and ...

How severe is CVE-2025-32788?

CVE-2025-32788 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-32788?

Check the references section above for vendor advisories and patch information. Affected products include: Octoprint Octoprint.