cbcvebase.
CVE-2023-3486
published 2023-07-25

CVE-2023-3486: An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the…

PriorityP269high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
75.79%
99.5th percentile
An authentication bypass exists in PaperCut NG versions 22.0.12 and prior that could allow a remote, unauthenticated attacker to upload arbitrary files to the PaperCut NG host’s file storage. This could exhaust system resources and prevent the service from operating as expected.

Affected

2 ranges
VendorProductVersion rangeFixed in
papercutpapercut_mf< 22.1.322.1.3
papercutpapercut_ng< 22.1.322.1.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.