The Papercut print management solution is vulnerable. Attackers can view files on servers without authorization or paralyze systems via DoS attacks. In a current version, the developers have closed two security gaps.
Unauthorized access possible
A security advisory states that unauthenticated attackers who can reach the server's IP address can upload files. According to security researchers from Tenable, this can fill up the hard drive so that the system can no longer work correctly. The vulnerability (CVE-2023-3486) has a high threat level.
The second vulnerability (CVE-2023-39143, rated "high") also grants access to a Papercut server, allowing attackers to view and manipulate files. This is what Horizon3 security researchers found. They state that malicious code can also be executed after a successful attack.
According to a report by the researchers, Windows systems are only vulnerable if the External Device Integration function is active. By default, this is only the case with the Papercut NG Commercial and Papercut MF versions.
Admins can check whether a system is vulnerable with the following command:
curl -w "%{http_code}" -k --path-as-is "https://
Patch now!
Admins should install the Papercut NG or Papercut MF 22.1.3 version, which is protected against possible attacks, as soon as possible. If you cannot install the security update directly, you should limit server access to known IP addresses in order to block unauthorized access. The developers explain how this works in a post.
As recently as April 2023, the Papercut developers had closed a critical security gap.