From d5b71aa581488ed870034b9888269b956d29b8ee Mon Sep 17 00:00:00 2001
From: jenkins-metasploit <jenkins-metasploit@build-production.r7ops.com>
Date: Fri, 22 Nov 2024 14:28:34 +0000
Subject: [PATCH] automatic module_metadata_base.json update

---
 db/modules_metadata_base.json | 65 +++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
index b6e39a03b25e..736033101c44 100644
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -118292,6 +118292,71 @@
     "session_types": false,
     "needs_cleanup": null
   },
+  "exploit_multi/misc/cups_ipp_remote_code_execution": {
+    "name": "CUPS IPP Attributes LAN Remote Code Execution",
+    "fullname": "exploit/multi/misc/cups_ipp_remote_code_execution",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2024-09-26",
+    "type": "exploit",
+    "author": [
+      "Simone Margaritelli",
+      "Rick de Jager",
+      "David Batley",
+      "Spencer McIntyre",
+      "RageLtMan <rageltman@sempervictus>",
+      "Ryan Emmons"
+    ],
+    "description": "This module exploits vulnerabilities in OpenPrinting CUPS, which is running by\n          default on most Linux distributions. The vulnerabilities allow an attacker on\n          the LAN to advertise a malicious printer that triggers remote code execution\n          when a victim sends a print job to the malicious printer. Successful exploitation\n          requires user interaction, but no CUPS services need to be reachable via accessible\n          ports. Code execution occurs in the context of the lp user. Affected versions\n          are cups-browsed <= 2.0.1, libcupsfilters <= 2.1b1, libppd <= 2.1b1, and\n          cups-filters <= 2.0.1.",
+    "references": [
+      "CVE-2024-47076",
+      "CVE-2024-47175",
+      "CVE-2024-47177",
+      "CVE-2024-47176",
+      "URL-https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
+      "URL-https://github.com/RickdeJager/cupshax",
+      "URL-https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
+      "URL-https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
+      "URL-https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
+      "URL-https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
+      "URL-https://github.com/h2g2bob/ipp-server/"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "cmd",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Default"
+    ],
+    "mod_time": "2024-11-21 15:14:46 +0000",
+    "path": "/modules/exploits/multi/misc/cups_ipp_remote_code_execution.rb",
+    "is_install_path": true,
+    "ref_name": "multi/misc/cups_ipp_remote_code_execution",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "event-dependent"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_multi/misc/erlang_cookie_rce": {
     "name": "Erlang Port Mapper Daemon Cookie RCE",
     "fullname": "exploit/multi/misc/erlang_cookie_rce",