MarlinFirmware / Marlin

Marlin is an optimized firmware for RepRap 3D printers based on the Arduino platform. Many commercial 3D printers come with Marlin installed. Check with your vendor if you need source code for your specific machine.
https://marlinfw.org
GNU General Public License v3.0

Found CRITICAL Vulnerability in your website ! - marlin.crc.id.au #26388

Closed imchiragprajapati closed 1 year ago

imchiragprajapati commented 1 year ago

Did you test the latest bugfix-2.1.x code?

Yes, and the problem still exists.

Bug Description

Hello, I am Chirag Prajapati, a Certified Penetration Tester and Ethical Hacker. My license no. is: 10188-161-078-1726.

We would like to inform you of a security vulnerability affecting your website.

Affected Website: marlin.crc.id.au

Following the ISO/IEC 29147 (“Information technology — Security techniques — Vulnerability disclosure”) guidelines, we verified the vulnerability's existence prior to notifying you. Please connect with us for technical details of the vulnerability. The researcher may also help remediate the vulnerability if you need any assistance.

For more information, I request you to kindly revert me back so that I can share with you the report! Looking forward to hearing from you!

Bug Timeline

No response

Expected behavior

No response

Actual behavior

No response

Steps to Reproduce

No response

Version of Marlin Firmware

NA

Printer model

No response

Electronics

No response

Add-ons

No response

Bed Leveling

None

Your Slicer

None

Host Software

None

Additional information & file uploads

No response

EvilGremlin commented 1 year ago

looks very much like scam account

nah seems legit https://github.com/wwivbbs/wwiv/issues/1462

it's not our website, it's @CRCinAU

The-EG commented 1 year ago

Even if this is legit, marlin.crc.id.au is run by a community member and is not officially associated with Marlin or its official site.

imchiragprajapati commented 1 year ago

Respected sir, So whom I have to connect? Can you guide me please?

Looking forward to hearing from you!

On Thu, 2 Nov, 2023, 10:28 pm Taylor Talkington, @.***> wrote:

Even if this is legit, marlin.crc.id.au is run by a community member and is not officially associated with Marlin or its official site.


thisiskeithb commented 1 year ago

So whom I have to connect?

You’ll need to contact @CRCinAU since that is not our website.

Marlin Firmware’s official website is https://marlinfw.org/

CRCinAU commented 1 year ago

Respected sir, So whom I have to connect? Can you guide me please? Looking forward to hearing from you!

You can either contact me via my website linked in my profile, or via a direct message on forums at https://marlin.crc.id.au/forum/

github-actions[bot] commented 10 months ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.