PaperCut authentication bypass
Added: 05/12/2023Background
PaperCut is print management software. It includes a web interface written in Java.Problem
An authentication bypass vulnerability in the SetupCompleted class allows a remote, unauthenticated attacker to execute arbitrary code in the context of SYSTEM.Resolution
Upgrade to PaperCut MF or NG 20.1.7, 21.2.11, or 22.0.9 or higher (build 65657 or higher).References
https://www.papercut.com/kb/Main/PO-1216-and-PO-1219https://www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/
Platforms
WindowsBack to exploit index