• @[email protected]
    link
    fedilink
    English
    2710 months ago

    You should blame anycubic for their mqtt server which allows any valid credential to connect and control your printer via the matt API. Let’s just hope anycubic fixes their mqtt server.

    Well that’s smart…

    • @RamblingPanda
      link
      English
      610 months ago

      I’m by no means a security specialist. But shit like this is the first thing I look for when I implement something. And then I organize a penetration test.

  • @[email protected]
    link
    fedilink
    English
    2210 months ago

    Buying a proprietary 3D printer with internet connectivity. What could possibly go wrong?

    Going by the linked forum post, Anycubic has been aware of it for two months. Any competent FOSS project would have nipped that in the bud on the same day it was discovered. Incredible.

  • @[email protected]
    link
    fedilink
    English
    20
    edit-2
    10 months ago

    And bad actors could really do some damage if they can put a gcode file that is then printed

    Maybe it crashes the head to damage it… or runs the extruder or bed at high temps outside what should be safely printed