pygcode icon indicating copy to clipboard operation
pygcode copied to clipboard

Published 20 hours ago verified publisher icon fragmuffin

Exported GCode contains OctoPrint API Key

Open akloster opened this issue 4 years ago • 0 comments

I manually inspected some GCode file and by accident discovered the following line:

; printhost_apikey = XXXXXXXXXXXXX

I would not classify this as a severe vulnerability, but I don't think users are aware that their gcode files now contain the access credentials to control their OctoPrint Host. Sharing GCode is rare, but it happens.

akloster avatar Jan 27 '20 08:01 akloster