The problem is that since this service binds to 0.0.0.0, which on Linux shows all IP addresses and interfaces, it also finds printers over the Internet if the port is not blocked on the system firewall. How big is this problem? Margaritelli scanned the internet for several weeks for devices listening on UDP 631 and found hundreds of thousands with tops of 200-300K compatible devices.
Although there are probably hundreds of millions of Linux devices on the Internet, that number may not seem high, but it is certainly large enough for a very powerful robot to be compromised. And, as the attackers have proven time and time in the past, getting a foot inside the network is not that difficult, and from then on this problem can be used for joint movements.
“It turns out that while you can set who can and can’t connect by editing a file /etc/cups/cups-browsed.conf configuration file… the default configuration file, on any system, is completely annotated and allows anyone,” said the researcher.
Source link