CVE-2024-1882 Server-side resource injection in PaperCut NG/MF

🗓️ 14 Mar 2024 03:08:17Reported by PaperCutType

Server-side resource injection in PaperCut NG/MF allows authenticated admin to create remote code execution payloa

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-1882	14 Mar 202405:21	–	circl
CNNVD	PaperCut NG Security Vulnerability	14 Mar 202400:00	–	cnnvd
CVE	CVE-2024-1882	14 Mar 202403:08	–	cve
EUVD	EUVD-2024-17607	3 Oct 202520:07	–	euvd
NVD	CVE-2024-1882	14 Mar 202404:15	–	nvd
Tenable Nessus	PaperCut MF < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Tenable Nessus	PaperCut NG < 20.1.10 / 21.x < 21.2.14 / 22.x < 22.1.5 / 23.x < 23.0.7 Multiple Vulnerabilities	15 Apr 202400:00	–	nessus
Prion	Remote code execution	14 Mar 202404:15	–	prion
Positive Technologies	PT-2024-18389 · Papercut · Papercut Ng/Mf	14 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-1882	5 Feb 202505:36	–	redhatcve

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "MacOS",
      "Linux",
      "Windows"
    ],
    "product": "PaperCut NG, PaperCut MF",
    "vendor": "PaperCut",
    "versions": [
      {
        "changes": [
          {
            "at": "23.0.7",
            "status": "unaffected"
          }
        ],
        "lessThan": "23.0.7",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "22.1.5",
            "status": "unaffected"
          }
        ],
        "lessThan": "22.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "21.2.14",
            "status": "unaffected"
          }
        ],
        "lessThan": "21.2.14",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "20.1.10",
            "status": "unaffected"
          }
        ],
        "lessThan": "20.1.10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
papercut	www.papercut.com/kb/Main/Security-Bulletin-March-2024

26 Sep 2024 03:52Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.2

EPSS0.01345

CWE-76