New vulnerabilities affecting PaperCut MF & PaperCut NG application and site servers have been detected. We recommend updating PaperCut to the latest version as per the instructions below, where applicable.
Vulnerability Name | CVE-2023-27350 improper access control issue |
Severity | Critical |
CVSS | 9.8 |
Affected Products | PaperCut MF & NG |
Current Description:
Successful exploitation of this security defect allows a remote, unauthenticated attacker to bypass authentication and execute arbitrary code with System privileges. The exploits affect PaperCut MF & PaperCut NG application and site servers. Please note that client software on end-user devices is not affected.
Resolution:
Update the software as per the instructions here:
APRIL 19 UPDATE | PaperCut MF/NG vulnerability bulletin (March 2023) | PaperCut