octoprint is vulnerable to privilege escalation. The vulnerability exists because of the lack of a rate limit on the login page, allowing an attacker to guess user passwords and gain access to user and administrative accounts.
github.com/advisories/GHSA-5w5x-q9p5-9qg3
github.com/gruvin/OctoPrint/pull/1
github.com/NilsRo/OctoPrint/pull/1
github.com/octoprint/octoprint/commit/82c892ba40b3741d1b7711d949e56af64f5bc2de
github.com/octoprint/octoprint/commit/82c892ba40b3741d1b7711d949e56af64f5bc2de#
huntr.dev/bounties/6369f355-e6ef-4469-af75-0f6ff00cde3d
huntr.dev/bounties/6369f355-e6ef-4469-af75-0f6ff00cde3d/
huntr.dev/bounties/6369f355-e6ef-4469-af75-0f6ff00cde3d/