virus logo Intrusion Prevention

PaperCut.NG.SetupCompleted.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in PaperCut NG.
This vulnerability is due to improper access control in the vulnerable application. An unauthenticated, remote attacker may be able to exploit this via a crafted request. Successful exploitation could lead to arbitrary code execution within the security context of the affected system.

description-logoOutbreak Alert

CVE-2023-27350 allows for an unauthenticated attacker to execute Remote Code Execution (RCE) on a PaperCut Application Server. Vulnerability exists within the SetupCompleted class and according to the vendor, this could be achieved remotely and without the need to log in.

View the full Outbreak Alert Report

affected-products-logoAffected Products

PaperCut MF or NG version 8.0 or later

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-06-22 24.587
Modified
 Sig Added
2023-05-25 23.562
Modified
 Sig Added
2023-05-16 23.555
Modified
 Sig Added
2023-05-08 23.548
Modified
 Default_action:pass:drop
2023-04-26 23.541
New
ID 52900
Created Apr 25, 2023
Updated Jun 21, 2023
CVE ID
Tags PaperCut RCE Threat Signal
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 94.26%
Default Action drop
Active
Affected OS All
Affected App Other
Profile Type Permission/Privilege/Access Control