Login Sign Up

CVE-2024-13300

6.6 MEDIUM
Remote Code Execution

📋 TL;DR

This vulnerability in Drupal's Print Anything module allows attackers to execute arbitrary code on affected Drupal websites. It affects all versions of the Print Anything module and impacts any Drupal site using this module.

💻 Affected Systems

Products:
  • Drupal Print Anything module
Versions: All versions (.*)
Operating Systems: All operating systems running Drupal
Default Config Vulnerable: ⚠️ Yes
Notes: All Drupal sites with Print Anything module enabled are vulnerable regardless of configuration.

📦 What is this software?

Print Anything by Print Anything Project

View all CVEs affecting Print Anything →

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete server compromise leading to data theft, malware deployment, or website defacement.

🟠

Likely Case

Unauthenticated remote code execution allowing attackers to gain control of the Drupal site.

🟢

If Mitigated

Limited impact if module is disabled or removed, though other vulnerabilities may still exist.

🌐 Internet-Facing: HIGH - Public websites with this module are directly exposed to exploitation.
🏢 Internal Only: MEDIUM - Internal systems are still vulnerable but have reduced attack surface.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Based on Drupal advisory severity and typical module vulnerabilities, exploitation is straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None - module has been removed from Drupal repository

Vendor Advisory: https://www.drupal.org/sa-contrib-2024-066

Restart Required: No

Instructions:

1. Immediately disable Print Anything module. 2. Completely remove the module from your Drupal installation. 3. Consider alternative printing solutions.

🔧 Temporary Workarounds

Disable Print Anything Module

all

Disable the vulnerable module through Drupal admin interface

drush pm-disable print_anything

Remove Module Files

linux

Completely delete the Print Anything module files

rm -rf /path/to/drupal/sites/all/modules/print_anything

🧯 If You Can't Patch

  • Implement web application firewall rules to block Print Anything module requests
  • Restrict access to affected pages using .htaccess or web server configuration

🔍 How to Verify

Check if Vulnerable:

Check if Print Anything module is enabled in Drupal admin at /admin/modules or using 'drush pm-list | grep print_anything'

Check Version:

drush pm-list --type=module --status=enabled --fields=name,version | grep print_anything

Verify Fix Applied:

Confirm module is not listed in enabled modules and module directory does not exist

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to Print Anything module endpoints
  • Unexpected PHP execution errors
  • Web server logs showing exploitation attempts

Network Indicators:

  • HTTP requests containing 'print_anything' in URL path
  • Suspicious file upload attempts

SIEM Query:

web.url:*print_anything* AND (http.method:POST OR status_code:500)

📊 Metadata

CVE ID: CVE-2024-13300
CVSS v3 Score: 6.6 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 0.16% exploit probability (37.2th percentile)
Published: January 9, 2025
Last Updated: September 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON