Cybersecurity researchers at Horizon3 discovered a high-severity vulnerability, tracked as CVE-2023-39143 (CVSS score: 8.4), in PaperCut print management software for Windows.
An attacker can exploit the vulnerability to gain remote code execution under specific conditions.
The vulnerability CVE-2023-39143 is a path traversal that can allow attackers to read, delete, and upload arbitrary files. The vulnerability affects PaperCut NG/MF prior to version 22.1.3.
“CVE-2023-39143 enables unauthenticated attackers to potentially read, delete, and upload arbitrary files to the PaperCut MF/NG application server, resulting in remote code execution in certain configurations,” reads the advisory published by Horizon3. “In particular, the vulnerability affects PaperCut servers running on Windows. File upload leading to remote code execution is possible when the external device integration setting is enabled. This setting is on by default with certain installations of PaperCut, such as the PaperCut NG Commercial version or PaperCut MF.”
Horizon3 researchers estimate that most of the PaperCut installations are running on Windows with the external device integration setting turned on.
The issue was addressed with the release of PaperCut NG/MF patch version 22.1.3.
Below is the timeline for this issue:
In April another actively exploited issue affecting PaperCut servers, tracked as CVE-2023-27350 (CVSS score: 9.8), made the headlines.
“Compared to CVE-2023-27350, CVE-2023-39143 also does not require attackers to have any prior privileges to exploit, and no user interaction is required,” continues Horizon3. “In contrast to CVE-2023-27350, CVE-2023-39143 is more complex to exploit, involving multiple issues that must be chained together to compromise a server. It is not a ‘one-shot’ RCE vulnerability.”