New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers.
While it only impacts servers in non-default configurations where the external device integration setting is toggled, Horizon3 said in a report published on Friday that most Windows PaperCut servers have it enabled.
A Shodan search shows that roughly 1,800 PaperCut servers are currently exposed online, although not all are vulnerable to CVE-2023-39143 attacks.
Several ransomware gangs targeted PaperCut servers earlier this year, exploiting another critical unauthenticated RCE vulnerability and a high-severity information disclosure flaw.
Microsoft linked the attacks targeting PaperCut servers to the Clop and LockBit ransomware gangs, who used the access to steal corporate data from compromised systems.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-04 | CVE-2023-39143 | Path Traversal vulnerability in PaperCut MF. PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. | 9.8 |