PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)
Ai researchers have published some details about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be exploited by unauthenticated attackers to execute code remotely.
They noted that, unlike the PaperCut vulnerability recently leveraged by Clop and LockBit ransomware affiliates, CVE-2023-39143 is not a "one-shot" RCE bug.
CVE-2023-39143 covers path traversal vulnerabilities in PaperCut NG and PaperCut MF versions released before v22.1.3, which could be used to read, delete, and upload arbitrary files on a vulnerable application server.
"The vulnerability affects PaperCut servers running on Windows. File upload leading to remote code execution is possible when the external device integration setting is enabled. This setting is on by default with certain installations of PaperCut, such as the PaperCut NG Commercial version or PaperCut MF," the researchers shared.
CVE-2023-39143 was fixed in late July with the release of PaperCut NG and PaperCut MF 22.1.3.
Ai researchers have shared commands customers can use to check whether their PaperCut server needs upgrading.
News URL
https://www.helpnetsecurity.com/2023/08/07/cve-2023-39143/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-04 | CVE-2023-39143 | Path Traversal vulnerability in Papercut MF: PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. | 9.8 |