You should blame anycubic for their mqtt server which allows any valid credential to connect and control your printer via the matt API. Let’s just hope anycubic fixes their mqtt server.
Well that’s smart…
I’m by no means a security specialist. But shit like this is the first thing I look for when I implement something. And then I organize a penetration test.
Buying a proprietary 3D printer with internet connectivity. What could possibly go wrong?
Going by the linked forum post, Anycubic has been aware of it for two months. Any competent FOSS project would have nipped that in the bud on the same day it was discovered. Incredible.
And bad actors could really do some damage if they can put a gcode file that is then printed
Maybe it crashes the head to damage it… or runs the extruder or bed at high temps outside what should be safely printed
‘You can basically call me a printer god now’
Loving this.
