Arbitrary File Deletion Vulnerability in PaperCut NG/MF
CVE-2024-8404

7.8HIGH

Key Information:

Vendor
Papercut
Vendor
CVE Published:
26 September 2024

Summary

An arbitrary file deletion vulnerability has been identified in PaperCut NG/MF, impacting Windows servers when the Web Print feature is enabled. To exploit this vulnerability, an attacker needs to have local login access to the affected Windows Server and the capability to execute low-privilege code via the web-print-hot-folder feature. The risk is primarily associated with scenarios where non-administrative users are granted local console access on the Windows environment hosting the PaperCut application server. It is important to note that within default Windows Server configurations, such access is typically limited to Administrative accounts, thereby reducing the risk of potential exploitation.

Affected Version(s)

PaperCut NG, PaperCut MF Windows 0 < 23.0.9

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Amol Dosanjh of Trend Micro
Nicholas Zubrisky (@NZubrisky) of Trend Micro
Michael DePlante (@izobashi) of Trend Micro's ZDI
.