Nixpkgs security tracker

Permalink CVE-2018-25155

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

created 2 months, 2 weeks ago

Teradek Slice 7.3.15 Cross-Site Request Forgery via Password Change

Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page that automatically submits password change requests to the device when a logged-in user visits the page.

References

ExploitDB-44676 exploit
Teradek Official Product Homepage product
Zero Science Lab Disclosure (ZSL-2018-5467) third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php exploit
ExploitDB-44676 exploit
Teradek Official Product Homepage product
Zero Science Lab Disclosure (ZSL-2018-5467) third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5467.php exploit

Affected products

Slice

==7.3.15

Matching in nixpkgs

pkgs.mslicer

Experimental open source slicer for masked stereolithography (resin) printers

nixos-unstable 0.2.2
- nixpkgs-unstable 0.2.2
- nixos-unstable-small 0.2.2
nixos-25.11 0.3.0
- nixpkgs-25.11-darwin 0.3.0

pkgs.kisslicer

Convert STL files into Gcode

nixos-unstable 1.6.3
- nixpkgs-unstable 1.6.3
- nixos-unstable-small 1.6.3
nixos-25.11 1.6.3
- nixpkgs-25.11-darwin 1.6.3

pkgs.pdfslicer

Simple application to extract, merge, rotate and reorder pages of PDF documents

nixos-unstable 1.8.8
- nixpkgs-unstable 1.8.8
- nixos-unstable-small 1.8.8
nixos-25.11 1.8.8
- nixpkgs-25.11-darwin 1.8.8

pkgs.vpn-slice

vpnc-script replacement for easy and secure split-tunnel VPN setup

nixos-unstable 0.16.1
- nixpkgs-unstable 0.16.1
- nixos-unstable-small 0.16.1
nixos-25.11 0.16.1
- nixpkgs-25.11-darwin 0.16.1

pkgs.icon-slicer

Utility for generating icon themes and libXcursor cursor themes

nixos-unstable 0.3
- nixpkgs-unstable 0.3
- nixos-unstable-small 0.3
nixos-25.11 0.3
- nixpkgs-25.11-darwin 0.3

pkgs.orca-slicer

G-code generator for 3D printers (Bambu, Prusa, Voron, VzBot, RatRig, Creality, etc.)

nixos-unstable v2.3.0
- nixpkgs-unstable v2.3.0
- nixos-unstable-small v2.3.0
nixos-25.11 2.3.1
- nixpkgs-25.11-darwin 2.3.1

pkgs.LycheeSlicer

All-in-one 3D slicer for resin and FDM printers

nixos-unstable 7.4.2
- nixpkgs-unstable 7.4.2
- nixos-unstable-small 7.4.2
nixos-25.11 7.5.0
- nixpkgs-25.11-darwin 7.5.0

pkgs.prusa-slicer

G-code generator for 3D printer

nixos-unstable 2.9.2
- nixpkgs-unstable 2.9.2
- nixos-unstable-small 2.9.2
nixos-25.11 2.9.4
- nixpkgs-25.11-darwin 2.9.4

pkgs.super-slicer

PrusaSlicer fork with more features and faster development cycle

nixos-unstable 2.5.59.13
- nixpkgs-unstable 2.5.59.13
- nixos-unstable-small 2.5.59.13
nixos-25.11 2.5.59.13
- nixpkgs-25.11-darwin 2.5.59.13

pkgs.qidi-slicer-bin

Slicer for QIDI 3D Printers, based on PrusaSlicer

nixos-unstable 1.2.3
- nixpkgs-unstable 1.2.3
- nixos-unstable-small 1.2.3
nixos-25.11 1.2.3
- nixpkgs-25.11-darwin 1.2.3

pkgs.super-slicer-beta

PrusaSlicer fork with more features and faster development cycle

nixos-unstable 2.7.61.6
- nixpkgs-unstable 2.7.61.6
- nixos-unstable-small 2.7.61.6
nixos-25.11 2.7.61.6
- nixpkgs-25.11-darwin 2.7.61.6

pkgs.super-slicer-latest

PrusaSlicer fork with more features and faster development cycle

nixos-unstable 2.5.59.13
- nixpkgs-unstable 2.5.59.13
- nixos-unstable-small 2.5.59.13
nixos-25.11 2.5.59.13
- nixpkgs-25.11-darwin 2.5.59.13

pkgs.sbclPackages.cl-slice

None

nixos-unstable 20210531-git
- nixpkgs-unstable 20210531-git
- nixos-unstable-small 20210531-git
nixos-25.11 20210531-git
- nixpkgs-25.11-darwin 20210531-git