Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Found CRITICAL Vulnerability in your website ! - marlin.crc.id.au #26388

Closed
1 task done
imchiragprajapati opened this issue Nov 2, 2023 · 6 comments
Closed
1 task done

Found CRITICAL Vulnerability in your website ! - marlin.crc.id.au #26388

imchiragprajapati opened this issue Nov 2, 2023 · 6 comments

Comments

@imchiragprajapati
Copy link

Did you test the latest bugfix-2.1.x code?

Yes, and the problem still exists.

Bug Description

Hello I am Chirag Prajapati a Certified Penetration Tester and Ethical Hacker my License no is: 10188-161-078-1726.

We would like to inform you that, a security vulnerability affecting your website.

Affected Website: marlin.crc.id.au

Following the ISO/IEC 29147 (“Information technology — Security techniques — Vulnerability disclosure”) guidelines, we verified the vulnerability's existence prior to notifying you. Please connect with us for technical details of the vulnerability,
The researcher may also help remediate the vulnerability if you need any assistance.

For more information I request you to kindly revert me back so that I can share with you the report !
Looking forward to hearing from you !

Bug Timeline

No response

Expected behavior

No response

Actual behavior

No response

Steps to Reproduce

No response

Version of Marlin Firmware

NA

Printer model

No response

Electronics

No response

Add-ons

No response

Bed Leveling

None

Your Slicer

None

Host Software

None

Don't forget to include

  • A ZIP file containing your Configuration.h and Configuration_adv.h.

Additional information & file uploads

No response
@EvilGremlin
Copy link
Contributor

EvilGremlin commented Nov 2, 2023
edited
Loading

looks very much like scam account nah seems legit wwivbbs/wwiv#1462
it's not our website, it's @CRCinAU

@The-EG
Copy link
Contributor

The-EG commented Nov 2, 2023
edited
Loading

Even if this is legit, marlin.crc.id.au is run by a community member and is not officially associated with Marlin or its official site.

@imchiragprajapati
Copy link
Author

imchiragprajapati commented Nov 2, 2023 via email

@thisiskeithb
Copy link
Member

thisiskeithb commented Nov 2, 2023
edited
Loading

So whom I have to connect?

You’ll need to contact @CRCinAU since that is not our website.

Marlin Firmware’s official website is https://marlinfw.org/

@thisiskeithb thisiskeithb changed the title Found CRITICAL Vulnerability in your website ! Found CRITICAL Vulnerability in your website ! - marlin.crc.id.au Nov 2, 2023
@CRCinAU
Copy link
Contributor

CRCinAU commented Nov 3, 2023

Respected sir, So whom I have to connect? Can you guide me please? *Looking forward to hearing from you! *

You can either contact me via my website linked in my profile, or via a direct message on forums at https://marlin.crc.id.au/forum/

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 2, 2024

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked and limited conversation to collaborators Jan 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@CRCinAU @The-EG @thisiskeithb @EvilGremlin @imchiragprajapati