9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.7%
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
Recent assessments:
sfewer-r7 at April 21, 2023 9:06am UTC reported:
On April 14, 2023 the Zero Day Initiative published two advisories, ZDI-23-233 aka CVE-2023-27350 and ZDI-23-232 aka CVE-2023-27351, for two vulnerabilities affecting PaperCut MF and PaperCut NG.
PaperCut have released their own advisory for these two vulnerabilities. The vulnerability CVE-2023-27350 allows an unauthenticated attacker to achieve remote code execution on a vulnerable PaperCut MF or NG Application Server and affects all versions of both products, from version 8.0 up to the patched version (as listed below). The CVE has been rated critical and has a CVSS base score of 9.8. On April 19, 2023, PaperCut updated their advisory to report that this vulnerability has been exploited in the wild.
On April 21, 2023, Huntress published technical details on the vulnerability.
A vendor supplied patch is available and should be applied to successfully remediate the issue.
For PaperCut MF the following versions remediate the issue:
For PaperCut NG the following versions remediate the issue:
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html
packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html
packetstormsecurity.com/files/172512/PaperCut-NG-MG-22.0.4-Remote-Code-Execution.html
packetstormsecurity.com/files/172780/PaperCut-PaperCutNG-Authentication-Bypass.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27350
github.com/horizon3ai/CVE-2023-27350/blob/main/CVE-2023-27350.py
news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/
www.horizon3.ai/papercut-cve-2023-27350-deep-dive-and-indicators-of-compromise/
www.huntress.com/blog/critical-vulnerabilities-in-papercut-print-management-software
www.papercut.com/kb/Main/PO-1216-and-PO-1219
www.zerodayinitiative.com/advisories/ZDI-23-233/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.7%