Active Exploitation of a Critical RCE Vulnerability in PaperCut MF/NG Servers

PaperCut has released a security update to address one Critical and one High severity vulnerability in PaperCut MF/NG

Threat ID:: CC-4306
Threat Severity:: High
Published:: 20 April 2023 1:54 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

PaperCut has released a security update to address one Critical and one High severity vulnerability in PaperCut MF/NG

Affected platforms

The following platforms are known to be affected:

Versions: 8.0 or later

PaperCut MF/NG Application Servers and Site Servers

Threat details

Introduction

PaperCut has released a security update to address one Critical and one High severity vulnerability in PaperCut MF/NG Application Servers and Site Servers.

The Critical severity vulnerability, ZDI-CAN-18987 / PO-1216 also tracked as CVE-2023–27350, has a CVSSv3 score of 9.8 and could allow an unauthenticated, remote attacker to perform remote code execution (RCE).

The High severity vulnerability, ZDI-CAN-19226 / PO-1219 also tracked as CVE-2023–27351, has a CVSSv3 score of 8.2 and could allow an unauthenticated, remote attacker to potentially pull information about a user stored within PaperCut MF/ NG.

Exploitation in the wild

PaperCut has confirmed that ZDI-CAN-18987 / PO-1216 / CVE-2023–27350 is being actively exploited in the wild.

Remediation advice

Affected organisations must review PaperCut MF/NG vulnerability bulletin and apply relevant security updates.

Definitive source of threat updates

https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

CVE Vulnerabilities

Status Reserved

CVE-2023–27350

Status Reserved

CVE-2023–27351

Last edited: 20 April 2023 1:54 pm