Hackers actively exploit critical RCE bug in PaperCut servers

Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers.
Today, the software developer updated its March 2023 security bulletin to warn customers that the vulnerabilities are now actively exploited by hackers.
"As of 18th April, 2023 we have evidence to suggest that unpatched servers are being exploited in the wild," reads the advisory.
Users of impacted versions are advised to upgrade to PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11, and 22.0.9 and later.
PaperCut has no mitigation for the first flaw, while the second can be mitigated by applying "Allow list" restrictions under "Options > Advanced > Security > Allowed site server IP addresses" and setting it to allow only the IP addresses of verified Site Servers on your network.
Admins who suspect their servers were compromised are advised to take backups, wipe the Application Server, and rebuild everything from a safe backup point.